af71e7cbb47a1c7f7200f484113bb6e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af71e7cbb47a1c7f7200f484113bb6e2_JaffaCakes118
Size

347KB
MD5

af71e7cbb47a1c7f7200f484113bb6e2
SHA1

e9135495239b1835307cce0626565edbe5ce9f38
SHA256

041e7917402ed30020f38a4bd4b7b9c00792cdbf98816c4e5f5bc89740f4dcf4
SHA512

83aab8d162606a2fd9edab78cb8099a5e18325f088a0ffe02064db93bc6419bfe738b0475be45a734e37cbf030c1420df2ef6328c319f204a73d3c625dde01ab
SSDEEP

6144:1/oDEVRCFGhVRjCOom6XmoniXhwJTZOZ26GBaM:CYRCFI8a6XmgiXhwJe2WM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af71e7cbb47a1c7f7200f484113bb6e2_JaffaCakes118

Files

af71e7cbb47a1c7f7200f484113bb6e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

794465a86e6a9dde4cb72c3051f2112a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ufddll

??1CUsblib@@UAE@XZ
?Usblib_SPTICMD_Stop@CUsblib@@QAEXPAU_Storage_Struct@@@Z
?Usblib_SCSIBusScan@CUsblib@@QAEXPAU_Storage_Struct@@@Z
?Usblib_SPTICMD_Start@CUsblib@@QAEHPAU_Storage_Struct@@@Z
?Usblib_RunFormat@CUsblib@@QAEXPAU_Storage_Struct@@PAU_VendorData_Struct@@@Z
?Usblib_ASPICMD_Stop@CUsblib@@QAEXXZ
??0CUsblib@@QAE@XZ
?Usblib_ASPICMD_Start@CUsblib@@QAEHPAE@Z

kernel32

SetEndOfFile
FindClose
GetFullPathNameA
GetTickCount
GetFileAttributesA
GetFileSize
GetFileTime
RtlUnwind
ExitProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
HeapSize
HeapReAlloc
GetACP
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnlockFile
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleFileNameA
GetEnvironmentVariableA
GetLastError
GetCurrentProcess
GetCurrentThreadId
SetLastError
CreateMutexA
lstrcmpiA
GetVersionExA
GetDriveTypeA
GetSystemDefaultLCID
GetVolumeInformationA
GetLogicalDrives
Sleep
CopyFileA
GetWindowsDirectoryA
SetEvent
CreateEventA
FlushFileBuffers
LockFile
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
SetErrorMode
GetThreadLocale
WritePrivateProfileStringA
FindFirstFileA
GetTempPathA
ResetEvent
WaitForSingleObject
GetProcAddress
FreeLibrary
LocalAlloc
GetProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
SuspendThread
SetThreadPriority
ResumeThread
CloseHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedExchange
GlobalFree
InterlockedDecrement
lstrcpynA
GlobalLock
GlobalUnlock
MulDiv
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
LocalFree
LoadLibraryA
RaiseException
GetTimeZoneInformation

user32

TranslateMessage
GetMessageA
SetWindowContextHelpId
MapDialogRect
LoadCursorA
GetSysColorBrush
DestroyMenu
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
ValidateRect
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EqualRect
GetClassNameA
GetDesktopWindow
GetSystemMetrics
DrawIcon
LoadIconA
FindWindowA
SetForegroundWindow
IsIconic
GetCursorPos
PostQuitMessage
DispatchMessageA
ShowWindow
GetThreadDesktop
GetUserObjectInformationA
wsprintfA
PtInRect
InflateRect
IsRectEmpty
CopyRect
DrawEdge
KillTimer
SetTimer
IsWindow
SendMessageA
SetCursor
FillRect
OffsetRect
GetWindowRect
RedrawWindow
UpdateWindow
GetSysColor
LoadStringA
EnableWindow
GrayStringA
DrawTextA
TabbedTextOutA
GetKeyState
GetParent
PostMessageA
SetCapture
LoadBitmapA
GetClientRect
ReleaseCapture
InvalidateRect
DrawFocusRect
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetMenu

gdi32

CreateBitmap
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateSolidBrush
DeleteObject
CreateFontIndirectA
SetViewportOrgEx
GetViewportOrgEx
GetStockObject
Rectangle
RoundRect
CreatePen
SelectObject
SetPixel
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
GetPixel
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetDeviceCaps
PatBlt
GetTextColor
GetObjectA
CreateCompatibleDC
LPtoDP
CreateCompatibleBitmap
GetMapMode
DPtoLP
GetBkColor
GetTextExtentPointA
ScaleWindowExtEx
CreateDIBitmap
BitBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

ShellExecuteA

comctl32

ImageList_Destroy
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
CoTaskMemFree
CoCreateInstance
OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoRegisterMessageFilter
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
CoTaskMemAlloc
OleUninitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard

olepro32

ord253

oleaut32

VariantTimeToSystemTime
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
VariantClear
SysFreeString
VariantChangeType

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

794465a86e6a9dde4cb72c3051f2112a

Headers

File Characteristics

Imports

ufddll

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 208KB - Virtual size: 206KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 52KB - Virtual size: 50KB

.trdata Size: 20KB - Virtual size: 20KB

.text
Size: 208KB - Virtual size: 206KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 52KB - Virtual size: 50KB

.trdata
Size: 20KB - Virtual size: 20KB