8e690457125acd0d6c298e1a96b6c796_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e690457125acd0d6c298e1a96b6c796_JaffaCakes118
Size

1.9MB
MD5

8e690457125acd0d6c298e1a96b6c796
SHA1

7cc567fa98d548486d85d2b18c75f6fe65cbd52c
SHA256

5073aa3f5e1a4e4970bd98d9f2febb60ff1eeca0b8073e088536d531c7a85a80
SHA512

09763314ea7f4d4302625058570bba03919e3b289c172f5d7e7ee27fdc11e604f9bf20b49957a4ef7a79052436a4a17dccfe89d1e7c1fca97b51d24154cdc36e
SSDEEP

49152:5meng49gTeRf9QO/q6LZbOpiQe5q7lfm:5S49s2f2O/q6NbGi35qBfm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e690457125acd0d6c298e1a96b6c796_JaffaCakes118

Files

8e690457125acd0d6c298e1a96b6c796_JaffaCakes118
.exe windows:5 windows x86 arch:x86

632caab3572172bb923f217e2b431075

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Public\soft\novo\WMV9159\RunReleaseUniS\MovieOperator.pdb

Imports

flvdll

?Extract@CFlvFile@@QAEHII@Z
?Add@CFlvFile@@QAEHPAV1@_N@Z
?SaveAudio@CFlvFile@@QAEHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCFlvProcess@@@Z
?Open@CFlvFile@@QAEHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
??1CFlvFile@@UAE@XZ
?SaveAVI@CFlvFile@@QAEHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCFlvProcess@@@Z
?SaveAs@CFlvFile@@QAEHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCFlvProcess@@@Z
??0CFlvFile@@QAE@XZ

kernel32

GlobalAlloc
Sleep
LoadLibraryW
FindResourceExW
FreeResource
FreeLibrary
GetModuleFileNameW
SetSystemPowerState
GetCurrentProcess
GetSystemDefaultLangID
GlobalLock
GetProcAddress
FindFirstFileW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
SetEvent
GetLastError
ResetEvent
CreateEventW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
GetVersionExW
HeapAlloc
CloseHandle
GlobalFree
SetLastError
GetModuleHandleW
SetCurrentDirectoryW
MulDiv
lstrlenW
LocalFree
FormatMessageW
GlobalUnlock
GlobalSize
CopyFileW
lstrcmpW
InterlockedExchange
CompareStringA
GetLocaleInfoW
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetDriveTypeA
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentDirectoryA
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
SuspendThread
GlobalAddAtomW
GetCurrentProcessId
GetVersionExA
LoadLibraryA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
CompareStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GlobalFindAtomW
GetStdHandle
SetUnhandledExceptionFilter
GetModuleHandleA
MoveFileW
DeleteFileW
GetFileType
SetStdHandle
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
CreateThread
ExitThread
ExitProcess
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
HeapReAlloc
HeapFree
GetStartupInfoW
VirtualProtect
GetProfileIntW
GetTickCount
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetCurrentDirectoryW
GlobalGetAtomNameW
GlobalFlags
lstrcpyW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
lstrlenA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SizeofResource

user32

ReuseDDElParam
InsertMenuItemW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFrameControl
DrawEdge
DrawIconEx
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
CharNextW
LoadImageW
DestroyIcon
CopyImage
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
IsMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
CreateAcceleratorTableW
DestroyAcceleratorTable
GetKeyboardState
ToUnicodeEx
CopyAcceleratorTableW
WaitMessage
PostThreadMessageW
SetRectEmpty
LoadCursorW
GetSysColorBrush
DestroyMenu
GetMenuItemInfoW
CharUpperW
GetKeyNameTextW
EndPaint
BeginPaint
GetWindowDC
FillRect
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
UnpackDDElParam
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindowThreadProcessId
GetLastActivePopup
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetDoubleClickTime
CreateMenu
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetKeyState
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetWindowRgn
DestroyCursor
CheckDlgButton
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadMenuW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
WinHelpW
MessageBeep
IsZoomed
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowLongW
KillTimer
RegisterWindowMessageW
GetAsyncKeyState
GetCapture
SetTimer
DrawIcon
WindowFromPoint
ScreenToClient
SetCapture
OffsetRect
ClientToScreen
SetRect
GetFocus
IsWindowVisible
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
PtInRect
CopyRect
GetDlgCtrlID
GetCursorPos
SetForegroundWindow
InvalidateRect
InsertMenuW
DeleteMenu
GetSystemMenu
TranslateAcceleratorW
LoadAcceleratorsW
IsClipboardFormatAvailable
DispatchMessageW
TranslateMessage
SystemParametersInfoW
GetKeyboardLayout
IsWindow
PostQuitMessage
PeekMessageW
ExitWindowsEx
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetIconInfo
PostMessageW
ReleaseDC
GetDC
SetWindowRgn
GetClientRect
DrawFocusRect
GetParent
ReleaseCapture
InflateRect
GetSysColor
RedrawWindow
SendMessageW
GetWindowRect
LoadIconW
EnableWindow
MapVirtualKeyW

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
OffsetRgn
GetRgnBox
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextColor
SetDIBColorTable
OffsetViewportOrgEx
RealizePalette
SetPixel
CreateDIBSection
GetBkColor
CreatePolygonRgn
Polyline
Ellipse
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetViewportOrgEx
SelectObject
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
GetStockObject
GetObjectW
CreateFontIndirectW
CreatePen
Rectangle
CreateRoundRectRgn
GetTextExtentPoint32W
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
StretchBlt
CreateBitmap
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateEllipticRgn
GetDeviceCaps
CopyMetaFileW
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
GetDIBits
ExcludeClipRect

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
RegEnumKeyExW
RegCreateKeyW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueExW

shell32

SHGetPathFromIDListW
ShellExecuteW
DragQueryFileW
Shell_NotifyIconW
SHGetFileInfoW
SHAppBarMessage
DragFinish
SHBrowseForFolderW
DragAcceptFiles

comctl32

ImageList_GetIconSize
_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoGetClassObject

oleaut32

VariantChangeType
VariantClear
OleLoadPicture
VariantTimeToSystemTime
VariantInit
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime

imm32

ImmReleaseContext
ImmSetOpenStatus
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW
mmioOpenW
mmioDescend
mmioRead
mmioAscend
mmioClose
mmioCreateChunk
mmioWrite
mmioFlush
timeGetTime
mmioSeek

wmvcore

WMCreateReader
WMCreateWriter
WMCreateProfileManager

avifil32

AVIStreamGetFrameOpen
AVIStreamGetFrame
AVIStreamFindSample
AVIStreamWrite
AVIFileCreateStreamW
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileRelease
AVIFileExit
AVIFileInit
AVIFileOpenW
AVIStreamRead
AVIStreamLength
AVIFileGetStream
AVIFileInfoW
AVIStreamRelease
AVISaveVW
AVIStreamStart
AVIStreamReadFormat
AVIStreamGetFrameClose
AVIStreamInfoW

msvfw32

ICInfo
ICOpen
ICSeqCompressFrameEnd
ICSeqCompressFrame
ICSeqCompressFrameStart
ICGetInfo
ICClose
ICSendMessage

msacm32

acmFormatSuggest
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamClose
acmStreamUnprepareHeader

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

632caab3572172bb923f217e2b431075

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

flvdll

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

imm32

winmm

wmvcore

avifil32

msvfw32

msacm32

gdiplus

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 344KB - Virtual size: 343KB

.data Size: 27KB - Virtual size: 54KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 163KB - Virtual size: 163KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 344KB - Virtual size: 343KB

.data
Size: 27KB - Virtual size: 54KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 163KB - Virtual size: 163KB