ade23b531e82792b2a45aafcf9ec52d9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ade23b531e82792b2a45aafcf9ec52d9_JaffaCakes118
Size

656KB
MD5

ade23b531e82792b2a45aafcf9ec52d9
SHA1

170c5555758d139282b7d3b622ec98d7d7dac188
SHA256

1d6b4580c7a954b47da20196346b47e10b57cdea7050c0dd0452a0851362ca9d
SHA512

8e21aef8594ccac1b39aba52b73be630831545d9aea967d96ea65432bb39ddebfdcc5996194cd1b794c41f80af3a55a52ab97807ae30d1fbade07e78c2d2e080
SSDEEP

12288:hLecOnLPCuqhbRmXIXofbDdYKDSXyV5/caPoh4UQ/5t+Mw2B0EUxluHddpJDTje:wRdYKeXyV5/cD4j/w007GdpJHS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ade23b531e82792b2a45aafcf9ec52d9_JaffaCakes118

Files

ade23b531e82792b2a45aafcf9ec52d9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0d51f34ef945d6fe6a74c355712c26ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr80

_wcsupr_s
_CxxThrowException
_time64
__CxxExceptionFilter
__CxxFrameHandler3
__CxxRegisterExceptionObject
__CxxDetectRethrow
__CxxQueryExceptionSize
__CxxUnregisterExceptionObject
wcstoul
_cexit
__FrameUnwindFilter
_itow
_wtoi
wcsrchr
iswspace
_purecall
_crt_debugger_hook
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
_wcsupr
_mbstrlen
_isnan
isdigit
strtod
strtol
wcscpy
memcpy
strlen
cos
sin
fabs
atan2
tan
sqrt
memmove
labs
wcscmp
abs
fmod
memcpy_s
??_V@YAXPAX@Z
??2@YAPAXI@Z
??_U@YAPAXI@Z
memset
free
wcschr
realloc
_wcsicmp
vswprintf_s
_wcsdup
_vscwprintf
wcsstr
malloc
wcslen
memcmp
memmove_s
??3@YAXPAX@Z
wcsncmp

kernel32

InitializeCriticalSection
LockResource
IsBadReadPtr
LoadResource
FindResourceExW
MulDiv
MultiByteToWideChar
FindResourceW
EnterCriticalSection
LeaveCriticalSection
GlobalLock
GlobalUnlock
DeleteCriticalSection
SetFilePointer
lstrlenW
WideCharToMultiByte
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
LocalFree
FormatMessageW
LoadLibraryA
lstrcpynA
DeviceIoControl
GetVersion
GetDriveTypeW
GetVolumeInformationW
InterlockedIncrement
InterlockedDecrement
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
RaiseException
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
GlobalReAlloc
lstrcpynW
lstrcmpiW
lstrcpyW
GetFileType
HeapFree
GetProcessHeap
HeapAlloc
GlobalSize
GlobalAlloc
GlobalFree
WriteFile
ReadFile
CloseHandle
GetFileSize
SetLastError
CreateFileW
GetLastError
SizeofResource

user32

LoadCursorW
GetDC
GetClipboardData
SetCursor
GetCursorPos
ScreenToClient
GetCapture
DestroyCursor
wsprintfW
ReleaseCapture
CreateWindowExW
LoadBitmapW
SendMessageW
SetWindowRgn
ShowWindow
SetCapture
DestroyWindow
GetWindowLongW
CopyRect
DrawTextW
FrameRect
GetParent
ClientToScreen
UnregisterClassA
SetScrollInfo
EnableScrollBar
ShowScrollBar
GetScrollInfo
InvalidateRect
ValidateRect
GetClientRect
ScrollWindow
DrawIconEx
CreateIconIndirect
GetIconInfo
wsprintfA
DialogBoxParamW
GetDlgItem
SetWindowTextW
EndDialog
SetWindowLongW
SetWindowPos
KillTimer
SetTimer
UpdateWindow
IsRectEmpty
GetFocus
CopyIcon
DestroyIcon
UnionRect
DrawFocusRect
GetKeyState
InflateRect
OffsetRect
PtInRect
GetSysColor
EqualRect
FillRect
IntersectRect
SetRect
SetRectEmpty
GetSystemMetrics
ReleaseDC
IsClipboardFormatAvailable
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatW

gdi32

ExtCreatePen
PtInRegion
CreateRoundRectRgn
SetPolyFillMode
GetTextMetricsW
CreateFontIndirectW
PathToRegion
ExtTextOutW
GetCharacterPlacementW
SetTextAlign
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetObjectType
RestoreDC
SaveDC
SetViewportExtEx
SetWindowExtEx
GetBitmapBits
CreatePenIndirect
CreatePolygonRgn
LPtoDP
GetPath
FlattenPath
EndPath
BeginPath
CreatePalette
GetPaletteEntries
CreateBitmap
SetStretchBltMode
StretchDIBits
CreateDIBitmap
CreateBitmapIndirect
PatBlt
GetDIBits
DeleteMetaFile
SetViewportOrgEx
OffsetViewportOrgEx
CopyEnhMetaFileW
CopyMetaFileW
DeleteEnhMetaFile
GetObjectW
SetBkMode
SetROP2
LineTo
MoveToEx
GetWorldTransform
CreatePen
SetGraphicsMode
IntersectClipRect
SelectClipRgn
ExtSelectClipRgn
GdiComment
Escape
CreateBrushIndirect
Rectangle
Polyline
Polygon
SetWorldTransform
GetDeviceCaps
GetEnhMetaFileHeader
CreateSolidBrush
RealizePalette
SelectPalette
CreateCompatibleBitmap
DeleteDC
CloseMetaFile
EnumMetaFile
CreateCompatibleDC
CloseEnhMetaFile
SetMapMode
GetCurrentPositionEx
CreateMetaFileW
CreateEnhMetaFileW
DeleteObject
PlayEnhMetaFileRecord
GetStockObject
PlayMetaFileRecord
SetTextColor
BitBlt
SetBkColor
EnumEnhMetaFile
SetWindowOrgEx
GetEnhMetaFileDescriptionW
EndPage
EndDoc
PolyBezier
StrokeAndFillPath
AbortPath
SetPixel
RoundRect
PolyPolygon
GetTextExtentExPointW
GetTextExtentPoint32W
Chord
Arc
Pie
GetPixel
ExtFloodFill
SetMetaFileBitsEx
GetMetaFileBitsEx
PlayMetaFile
SetEnhMetaFileBits
GetEnhMetaFileBits
PlayEnhMetaFile
SetBrushOrgEx
DPtoLP
EnumFontFamiliesW
CreateEllipticRgnIndirect
StretchBlt
StartDocW
Ellipse
SelectObject
StartPage

comdlg32

PrintDlgW

shell32

DragAcceptFiles

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SysStringLen
SysAllocString
VariantCopy
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
VariantInit
SafeArrayRedim

advapi32

RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW

msvcm80

?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z

mscoree

_CorDllMain

Sections

.text
Size: 396KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d51f34ef945d6fe6a74c355712c26ef

Headers

File Characteristics

Imports

msvcr80

kernel32

user32

gdi32

comdlg32

shell32

oleaut32

advapi32

msvcm80

mscoree

Sections

.text Size: 396KB - Virtual size: 394KB

.rdata Size: 196KB - Virtual size: 193KB

.data Size: 8KB - Virtual size: 58KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 24KB - Virtual size: 21KB

.text
Size: 396KB - Virtual size: 394KB

.rdata
Size: 196KB - Virtual size: 193KB

.data
Size: 8KB - Virtual size: 58KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 24KB - Virtual size: 21KB