a2a54320f07361371102efac1e551548_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2a54320f07361371102efac1e551548_JaffaCakes118
Size

416KB
MD5

a2a54320f07361371102efac1e551548
SHA1

69d6d6e87b91a927b84d0be033d56a7ab7a50306
SHA256

0d4f19c5531827ec0c7ec04053fdb3ccba0a691cb45c12aae1dca78ed60a23da
SHA512

5782f3871f491da2bbfdf3b08ff362822febba76a62578c54aeb898aa3ed962df624123f3176fd28ca8ba2dd129ae68cfdc72f7f0629f9ac061be580e5de0612
SSDEEP

6144:DHCM3m9VLKzTH0IkP8QhhOKdGoipaX9B4qohVMFLhc6t5:+M3cVOkPpdGo6Xl2Lh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2a54320f07361371102efac1e551548_JaffaCakes118

Files

a2a54320f07361371102efac1e551548_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f1f0bf8c51ef50cead5865dc8bb18317

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

s:\sdcore\Toolbox\Plugins\ConfigToolboxPlugin\Release\hpqtbc01.pdb

Imports

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInterfaceRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

kernel32

FlushFileBuffers
GetCurrentProcess
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetProcessHeap
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetFilePointer
ExitProcess
HeapSize
GetACP
LCMapStringA
LCMapStringW
GetStdHandle
VirtualFree
HeapDestroy
HeapCreate
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GlobalFlags
GetThreadLocale
InterlockedIncrement
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetCurrentThreadId
InterlockedDecrement
GetModuleFileNameW
SetLastError
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
LoadLibraryA
FreeLibrary
GetTickCount
DeviceIoControl
WriteFile
ReadFile
CreateFileA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
GetVersionExA
Sleep
lstrlenA
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
LoadLibraryExA
CreateProcessA
CloseHandle
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource

user32

DrawTextA
TabbedTextOutA
DestroyMenu
ClientToScreen
LoadCursorA
GetSysColorBrush
UnregisterClassA
GetWindowThreadProcessId
SetCursor
PostQuitMessage
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetParent
ReleaseDC
GetDC
MessageBoxA
EnableWindow
SendMessageA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
EndPaint
BeginPaint
GrayStringA
DestroyWindow
DrawTextExA
UnhookWindowsHookEx
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
GetWindow
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
SelectObject
DeleteDC
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject
CreateBitmap
GetObjectA

winspool.drv

DocumentPropertiesA
GetPrinterDataA
OpenPrinterA
SetPrinterDataA
GetPrinterA
GetPrinterDriverA
EnumMonitorsA
EnumPrintersA
EnumPortsA
StartDocPrinterA
StartPagePrinter
WritePrinter
EndPagePrinter
EndDocPrinter
ClosePrinter

advapi32

RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

comctl32

CreatePropertySheetPageA

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

InitializeConfigPagePlugin
TerminateConfigPagePlugin

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1f0bf8c51ef50cead5865dc8bb18317

Headers

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 120KB - Virtual size: 117KB

.reloc Size: 28KB - Virtual size: 26KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 120KB - Virtual size: 117KB

.reloc
Size: 28KB - Virtual size: 26KB