b21607f7cfd73701159dfe3415c23b4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b21607f7cfd73701159dfe3415c23b4e_JaffaCakes118
Size

228KB
MD5

b21607f7cfd73701159dfe3415c23b4e
SHA1

ef406abf7546ab29452777a3e34814e3c0df0e70
SHA256

472ad842d499ae39cf6308045eb950917b48f23b019d8649dd7e37b901da0241
SHA512

de6164a9a642e5408ee282860f12862231185f73a7fa4101bbededb335f0b7b3467037a425ea516b771de4735cc0f311335ace367280d3f1cc29acc2d29cbf09
SSDEEP

3072:16DkIinWHHEkX6WIR/fsnaVt4cVMt0dULbqCnlzaMR6Enob6cxk3l+tPNDzQ3ru:OkIckXER/AAtP2toqq0FzRPek4rT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b21607f7cfd73701159dfe3415c23b4e_JaffaCakes118

Files

b21607f7cfd73701159dfe3415c23b4e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1e73aaaec7d2bc27d955b7c7bd351a18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\gs\Bdcci2\Release\BDCCI.pdb

Imports

kernel32

GetCurrentThreadId
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetLocalTime
GetTickCount
InterlockedIncrement
InterlockedDecrement
GetStdHandle
SetFilePointer
WriteFile
CloseHandle
LocalFree
GetVersion
LockResource
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
lstrcatA
lstrcpyA
lstrcpynA
GetModuleFileNameA
lstrcmpiA
LoadLibraryA
EnumResourceLanguagesA
ConvertDefaultLocale
GetProcAddress
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetCurrentThread
GlobalAddAtomA
FormatMessageA
GlobalUnlock
GlobalFree
SetLastError
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
WritePrivateProfileStringA
GlobalFlags
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
ReadFile
FlushFileBuffers
GetCurrentProcess
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetCommandLineA
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

SetWindowPos
CopyRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
CallWindowProcA
DefWindowProcA
RegisterClassA
GetClassInfoA
AdjustWindowRectEx
GetMenu
GetClientRect
SetForegroundWindow
MapWindowPoints
LoadIconA
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
DestroyMenu
GetDlgItem
LoadCursorA
GetSystemMetrics
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
wsprintfA
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
PostMessageA
PostQuitMessage
CharNextA
UnhookWindowsHookEx
CharUpperBuffA
SendMessageA
CallNextHookEx
GetForegroundWindow
SetWindowsHookExA
GetAsyncKeyState
UnregisterClassA
ShowWindow
SetWindowLongA
GetActiveWindow

advapi32

SetSecurityDescriptorDacl
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
InitializeSecurityDescriptor
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

oleaut32

LoadRegTypeLi
VariantChangeType
VariantInit
VarBstrCmp
VariantClear
SysStringLen
SysAllocStringByteLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

ws2_32

WSAStartup
WSACleanup

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
ScaleWindowExtEx
RectVisible
PtVisible
GetDeviceCaps
DeleteObject
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
GetClipBox
GetStockObject
DeleteDC
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e73aaaec7d2bc27d955b7c7bd351a18

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

shlwapi

ws2_32

oleacc

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 647KB

.rsrc Size: 24KB - Virtual size: 20KB

.reloc Size: 24KB - Virtual size: 22KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 647KB

.rsrc
Size: 24KB - Virtual size: 20KB

.reloc
Size: 24KB - Virtual size: 22KB