a0330c0f409b60325dc04c53607991fb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a0330c0f409b60325dc04c53607991fb_JaffaCakes118
Size

76KB
MD5

a0330c0f409b60325dc04c53607991fb
SHA1

f3fb4547ff88dd432a52e390170be92e96d156a6
SHA256

16e9a967844c39b48c5363785557966febeb9a6c2659ddbad0a7393e286a72f9
SHA512

783672a59f430ac823da3e327925ee0f6c3dde9ecf13980d5367675951936c2cf8feab24ce97789a2915d8ce87dd77ab524724e213b1e063ec77bc0a7d452a84
SSDEEP

1536:Cm7sT6CtHHmYZldlqq8O7v6hK19Hdarx9rn1GSluSlVmEf+L+:CIsmCZmYvCqp7igjHUx9Rzt/mu+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0330c0f409b60325dc04c53607991fb_JaffaCakes118

Files

a0330c0f409b60325dc04c53607991fb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bcf2adde8f950a2b9ace6d9e8d8296fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVolumePathNamesForVolumeNameW
lstrcmpiW
GetProfileStringA
GetLargestConsoleWindowSize
InterlockedDecrement
HeapDestroy
FindResourceW
CallNamedPipeA
FindFirstChangeNotificationA
SetErrorMode
TerminateThread
SearchPathW
GetAtomNameW
DeleteFileA
FindNextVolumeMountPointW
OpenMutexW
GetWindowsDirectoryA
SetVolumeLabelA
VirtualFree
RemoveDirectoryW
GetFileAttributesExA
FileTimeToDosDateTime
GlobalAddAtomW
SetConsoleTitleA
GetDiskFreeSpaceExW
RemoveDirectoryA
OpenFileMappingW
SetComputerNameExW
GetConsoleScreenBufferInfo
ExitThread
UnregisterWaitEx
FreeEnvironmentStringsW
GlobalAlloc
QueueUserWorkItem
SetFileAttributesA
GetFullPathNameW
OpenFileMappingA
ExpandEnvironmentStringsA
CreateProcessW
HeapCreate
AddAtomW
GetStringTypeA
IsBadHugeWritePtr
FindFirstFileExW
GetUserDefaultLangID
LocalSize
GetFullPathNameA
GetConsoleCP
DeleteTimerQueueTimer
GetDiskFreeSpaceW
BindIoCompletionCallback
GetLocaleInfoA
WideCharToMultiByte
GetDateFormatA
HeapReAlloc
IsBadHugeReadPtr
WaitForSingleObjectEx
GetLocalTime
WriteConsoleW
LocalUnlock
ReadFile
GetTempPathW
GetProfileSectionA
SetVolumeLabelW
SleepEx
DisconnectNamedPipe
WaitForMultipleObjects
GetSystemDirectoryW
FindResourceA
EscapeCommFunction
WaitNamedPipeW
OpenFile
FindCloseChangeNotification
DeleteCriticalSection
PurgeComm
SetInformationJobObject
WriteProfileStringA
GetNumberFormatW
PeekNamedPipe
ReadConsoleInputW
GetEnvironmentVariableW
GetStringTypeExW
LocalHandle
UnregisterWait
OpenEventW
lstrcatA
lstrcmpA
SetProcessWorkingSetSize
SetConsoleCursorPosition
TryEnterCriticalSection
GetSystemTimeAdjustment
ReadDirectoryChangesW
LockFile
VirtualAlloc
VirtualAllocEx
GetShortPathNameA
CreatePipe
RtlUnwind
EnumResourceLanguagesA
LoadResource
OpenThread
HeapSetInformation
GetVolumeInformationW
PostQueuedCompletionStatus
SetNamedPipeHandleState
CreateTimerQueueTimer
ReadConsoleInputA
CreateMailslotW
DuplicateHandle
GetCurrentThread
SuspendThread
GetComputerNameExW
LeaveCriticalSection
CreateFileMappingA
lstrcpyW
GetComputerNameA
MoveFileExA
VirtualProtect
HeapFree
CreateDirectoryA
InitializeCriticalSection
LoadLibraryA
HeapAlloc
MapViewOfFile
CloseHandle
GetProcessHeap
CopyFileA
CreateMutexA
CreateProcessA
ReleaseMutex
GetProcAddress
CreateThread
GetLastError
VirtualQuery
EnterCriticalSection
lstrcatW
lstrlenW
HeapValidate
GetModuleFileNameA
lstrlenA
UnmapViewOfFile
LCMapStringW

user32

SetWindowTextW
EnableScrollBar
DialogBoxIndirectParamW
CopyRect
TranslateMessage
GetWindowLongW
DrawStateA
SetMenuItemInfoA
GetWindowWord
GetUpdateRgn
GetClassNameA
SetSysColors
GetNextDlgTabItem
PostMessageW
DrawTextExW
DefWindowProcA
SendMessageTimeoutW
IsIconic
VkKeyScanA
FillRect
ToAsciiEx
CreateIcon
LoadBitmapW
PackDDElParam
GetClassLongA
GetClassInfoExA
DrawAnimatedRects
CheckRadioButton
EnableWindow
TrackPopupMenu
GetMenuStringA
OemToCharA
GetTabbedTextExtentA
MessageBoxW
CharToOemW
ExitWindowsEx
PostQuitMessage
DefFrameProcA
SubtractRect
GetMenuItemInfoW
CharLowerW
SetMessageQueue
ToAscii
MessageBoxA
DialogBoxParamW
GetMenuItemCount
CharUpperA
MapVirtualKeyW
EndPaint
GetFocus
CharPrevA
MonitorFromRect
AppendMenuW
CharUpperW
MapWindowPoints
GetSystemMetrics
SetScrollRange
GetKeyNameTextW
ModifyMenuW
GetMenuState
UpdateWindow
SetCapture
GetMenuDefaultItem
GetClassInfoA
TranslateAcceleratorW
EnumThreadWindows
DialogBoxIndirectParamA
EnableMenuItem
EndDeferWindowPos
GetWindowLongA
UnregisterHotKey
SetProcessWindowStation
GetProcessDefaultLayout
SetMenuItemBitmaps
MapVirtualKeyExW
SetRectEmpty
DefMDIChildProcA
SetActiveWindow
SetDlgItemTextA
ScreenToClient
DestroyMenu
CallMsgFilterW
CharUpperBuffW
GetShellWindow
CreateIconFromResourceEx
CreatePopupMenu
SetProcessDefaultLayout
DefMDIChildProcW
wvsprintfW
GetSysColor
GetMenuItemInfoA
LoadImageA
GetSystemMenu
SetWindowRgn
PostThreadMessageW
TabbedTextOutA
SendInput
SetDlgItemTextW
DrawIcon
CloseDesktop
MessageBoxExA
SetWindowLongW
PostThreadMessageA
SetMenuItemInfoW
FindWindowExW
SendDlgItemMessageA
GetPropA
EnumChildWindows
DrawTextA
LoadMenuA
LoadBitmapA
BeginDeferWindowPos
GetProcessWindowStation
CharNextA
LockWindowUpdate
GetWindowTextW
SetWindowsHookExW
CreateDialogIndirectParamA
GetWindowInfo
CreateWindowExW
GetWindowRect
GetDlgItem
MonitorFromPoint
KillTimer
GetMessageA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
BeginPaint

shlwapi

UrlCreateFromPathW
StrChrA
StrCpyNW
SHSetValueW
SHRegSetUSValueW
UrlIsW
StrRetToBufW
StrCmpW
PathFindExtensionA
StrRetToStrW
PathUnquoteSpacesW
StrCatBuffW
PathFileExistsA
StrToIntA
PathIsNetworkPathW
PathSetDlgItemPathW
SHDeleteKeyA
StrCpyW
PathCommonPrefixW
PathCanonicalizeW
PathRenameExtensionW
PathRemoveFileSpecW
PathFindExtensionW
PathIsRelativeW
PathAppendA
StrNCatW
PathGetCharTypeA
UrlCanonicalizeW
PathRemoveBackslashW
StrStrIW
PathGetDriveNumberW

advapi32

RegSetValueExA
RegDeleteValueA
GetUserNameA
RegOpenKeyExA
RegEnumKeyExA
RegOpenKeyA
QueryServiceStatus
RegRestoreKeyW
NotifyChangeEventLog
DuplicateTokenEx
StartServiceA
RegisterServiceCtrlHandlerExW
RegConnectRegistryW
RegSaveKeyExW
RegSetValueW
RegisterServiceCtrlHandlerW
CloseEventLog
RegQueryInfoKeyW
OpenServiceA
RegEnumKeyW
ChangeServiceConfigA
CreateProcessWithLogonW
OpenServiceW
RegDeleteKeyA
ReportEventA
RegQueryValueA
SetEntriesInAclW
SetThreadToken
RegSetValueA
CreateServiceW
ImpersonateAnonymousToken
EnumDependentServicesA
RegSaveKeyW
EnumDependentServicesW
RegOpenCurrentUser
NotifyBootConfigStatus
MapGenericMask
QueryServiceLockStatusW
RegCloseKey

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcf2adde8f950a2b9ace6d9e8d8296fc

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 932B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 932B

.reloc
Size: 4KB - Virtual size: 2KB