96f1c2d8a5ce4e55159e9496fd12e9a8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

96f1c2d8a5ce4e55159e9496fd12e9a8_JaffaCakes118
Size

351KB
MD5

96f1c2d8a5ce4e55159e9496fd12e9a8
SHA1

f434f4c8b676649477cba1fec547c943d2c98fa0
SHA256

0799fc45be55088d6cba0745e9f3bbc9ed5ffba3cd8f92cd2bd194661a1b3706
SHA512

6129a2d744ba95ea35c0269c9188acc789c5cb0e315485e00729590f1501e0999f84203197be1a88aeb688c8dc78199605eca415f10eb6bff3d60e47e10c61da
SSDEEP

6144:aW4cTbW8HEpB2h6UNSAWtzxGcVq35AAVdeA2n/Du9WSh3oabLfBkwDwfseJ:awftE3MczxGmAKPn/DuQU3oQfKL0eJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96f1c2d8a5ce4e55159e9496fd12e9a8_JaffaCakes118

Files

96f1c2d8a5ce4e55159e9496fd12e9a8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1406050f2f610dce330a1954add2b4e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
ExpandEnvironmentStringsA
GetCPInfoExA
DeleteFileW
LocalFree
GetCurrentProcess
LocalReAlloc
GetLocaleInfoW
LocalAlloc
GetUserDefaultLCID
GetTickCount
AreFileApisANSI
GetDateFormatA
FreeLibrary
GetSystemTime
Sleep
GetLastError
LeaveCriticalSection
SystemTimeToFileTime
EnterCriticalSection
CloseHandle
CompareFileTime
ReleaseMutex
IsBadReadPtr
WaitForSingleObject
lstrlenA
LoadResource
WideCharToMultiByte
ExpandEnvironmentStringsW
GetTimeFormatA
GetDateFormatW
FindResourceW
FindResourceA
SetFileAttributesW
SearchPathW
SetFileAttributesA
SearchPathA
CreateMutexW
CreateMutexA
CreateProcessW
CreateProcessA
LoadLibraryW
LoadLibraryA
lstrcpynA
DeleteFileA
MultiByteToWideChar
GetCurrentThreadId
LockResource
SetLastError
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetVersionExA
GetSystemDefaultLangID
GetTimeFormatW
lstrcmpA
GetProcAddress
GetModuleFileNameA
HeapFree

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CLSIDFromString
StringFromGUID2

user32

MessageBeep
GetParent
IsWindowEnabled
GetDlgItemInt
SetForegroundWindow
CheckDlgButton
PostMessageA
SetFocus
IsDlgButtonChecked
GetFocus
EndDialog
CheckRadioButton
FindWindowA
SetWindowLongA
SetWindowTextW
WinHelpW
GetSysColor
DestroyIcon
InvalidateRect
BeginPaint
EndPaint
GetWindowLongA
SendMessageW
MessageBoxW
MessageBoxA
FindWindowW
SetWindowTextA
GetWindowTextW
WinHelpA
LoadImageW
MapWindowPoints
OffsetRect
GetClientRect
MoveWindow
InflateRect
SetRect
GetDC
ReleaseDC
LoadStringA
CharPrevA
SendMessageA
GetDlgItem
GetSystemMetrics
ShowWindow
UpdateWindow
SystemParametersInfoA
LoadStringW
DialogBoxParamA
DialogBoxParamW
DefWindowProcA
DefWindowProcW
LoadIconA
GetWindowTextA
LoadImageA
EnableWindow

advapi32

RegSetValueExW
RegSetKeySecurity
QueryServiceStatus
StartServiceW
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegQueryValueExA
AddAccessAllowedAce
GetLengthSid
OpenSCManagerW
InitializeAcl
RegCloseKey
FreeSid
RegOpenKeyExA
CloseServiceHandle
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountSidW
IsValidSid
GetTokenInformation
GetSidIdentifierAuthority
RegSetValueExA
SetSecurityDescriptorDacl
RegEnumKeyA
RegEnumKeyW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyExW
RegDeleteKeyA
RegQueryValueExW
RegCreateKeyExW
GetUserNameW
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegDeleteValueW
OpenProcessToken
OpenServiceW

msvcrt

wcscat
wcslen
wcscmp
_itow
wcsncmp
wcscpy
_ltow

comctl32

PropertySheetW
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageW

gdi32

UpdateColors
RealizePalette
SetDIBitsToDevice
DeleteObject
GetDeviceCaps
CreatePalette
SelectPalette

rpcrt4

NdrOleFree
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
NdrClientCall2
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
NdrOleAllocate
CStdStubBuffer_CountRefs

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1406050f2f610dce330a1954add2b4e5

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

msvcrt

comctl32

gdi32

rpcrt4

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 2KB - Virtual size: 1KB