b91975b6b44ebb722cd9e643d538ead8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b91975b6b44ebb722cd9e643d538ead8_JaffaCakes118
Size

229KB
MD5

b91975b6b44ebb722cd9e643d538ead8
SHA1

740e5faee995cbfeb00893f7c7fdaedc159734ae
SHA256

a02f9d4ff2c1cadad7387ecace7327700e9bcdf1fe1ce51b6f4c6d53a50f32bf
SHA512

72cb9e8b73202824da7ea2f8fe5e7a49d287dff3b8036c409df591bf952d4154d77384ec0f21964d0e64d31090bf0f6066d8b6069445a2e87cc9cc90338e65cb
SSDEEP

3072:4fokzjRPuGcZC9z9PJQxzp8nU28i+lpr72OHRYLaOzCDSv4DWSmkKPFuDa9Zni:8oiPIC1RFnU5tlPGaOzCDE4DHmkK9u2K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b91975b6b44ebb722cd9e643d538ead8_JaffaCakes118

Files

b91975b6b44ebb722cd9e643d538ead8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e84b0b3aa23af0c06a97941cae2b22bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHSetValueA
SHGetValueA
SHDeleteValueA

msvcrt

fopen
_strnicmp
_strlwr
fwrite
fclose
_stat
sprintf
_CxxThrowException
printf
strncmp
wprintf
_purecall
_ftol
_CIasin
_mbscmp
??1type_info@@UAE@XZ
_CIacos
_CIpow
_setjmp3
__CxxLongjmpUnwind
longjmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mkdir
strftime
_stricmp
isspace
strchr
abort
strtok
strrchr
wcscpy
wcscat
wcslen
memmove
atol
sscanf
_snprintf
rename
_mbsnbicmp
localtime
mktime
vsprintf
free
malloc
atoi
_access
srand
rand
getenv
time
fseek
ftell
??2@YAPAXI@Z
fread
strstr
__CxxFrameHandler
strncpy

ws2_32

gethostbyname
ntohl
inet_addr
htons
ntohs
WSAStartup
sendto
socket
bind
recvfrom
gethostname

iphlpapi

GetAdaptersInfo

rasapi32

RasEnumConnectionsA
RasGetEntryDialParamsA
RasEnumEntriesA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo

netapi32

Netbios

advapi32

LsaClose
RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
DeleteService
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
GetUserNameA
LookupAccountNameA
ConvertSidToStringSidW
LsaOpenPolicy
LsaRetrievePrivateData
RegOpenKeyExW
RegConnectRegistryA
RegOpenKeyA
RegEnumKeyA
StartServiceA
CreateServiceA

user32

ChangeClipboardChain
PostQuitMessage
SetClipboardViewer
DefWindowProcA
GetPriorityClipboardFormat
OpenClipboard
GetClipboardData
GetForegroundWindow
GetWindowTextA
CloseClipboard
SendMessageA
RegisterClassExA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
IsCharAlphaNumericA
wsprintfW
wsprintfA
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetDC
ReleaseDC
CloseWindowStation
CloseDesktop
GetSystemMetrics

oleaut32

GetErrorInfo

kernel32

InterlockedCompareExchange
OpenProcess
TerminateProcess
CreatePipe
GetStartupInfoA
GetVersionExA
GetSystemDirectoryA
MoveFileExA
GetModuleHandleW
TerminateThread
LocalFree
LocalAlloc
lstrlenA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetLastError
WriteFile
CreateFileW
GlobalAlloc
GlobalLock
GlobalHandle
WideCharToMultiByte
GlobalFree
DeviceIoControl
GetFileSize
ReadFile
CreateFileA
SystemTimeToFileTime
GetFileTime
SetFileTime
OutputDebugStringA
GetModuleFileNameA
CreateMutexA
SetFileAttributesA
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetEnvironmentVariableA
GetSystemDefaultLCID
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
GetCurrentThread
GetCurrentProcessId
FindClose
FindNextFileA
FindFirstFileA
SetFilePointer
lstrcpyA
lstrcatA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDrives
GetDiskFreeSpaceExW
GetVolumeInformationW
GetTickCount
CopyFileA
DeleteFileA
MoveFileA
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
FindResourceA
GetSystemDirectoryW
WritePrivateProfileStringA
DeleteCriticalSection
ResumeThread
GetExitCodeThread
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
WaitForSingleObject
EnterCriticalSection
SetEvent
GetCurrentThreadId
GlobalUnlock
LoadResource
LockResource
LocalFileTimeToFileTime
SizeofResource
InterlockedExchange
GetLastError
Sleep
CreateProcessA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetTempPathA
GetWindowsDirectoryA
CloseHandle
CreateThread

mfc42

ord535
ord800
ord537
ord860
ord540
ord4278
ord6883
ord5710
ord665
ord2818
ord858
ord6877
ord924
ord4129
ord354
ord2614
ord541
ord801
ord5683

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDeviceCaps
GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteDC
DeleteObject
GetPixel

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StgOpenStorage
StgIsStorageFile

winmm

waveInStart
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetNumDevs
waveInUnprepareHeader
waveInOpen
waveInGetErrorTextA
waveInPrepareHeader
waveInAddBuffer
waveInReset
waveInClose
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetDevCapsA
mixerClose

Exports

Exports

DealA
DealB

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e84b0b3aa23af0c06a97941cae2b22bb

Headers

File Characteristics

Imports

shlwapi

msvcrt

ws2_32

iphlpapi

rasapi32

setupapi

netapi32

advapi32

user32

oleaut32

kernel32

mfc42

gdi32

shell32

ole32

winmm

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 28KB - Virtual size: 75KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 28KB - Virtual size: 75KB

.reloc
Size: 12KB - Virtual size: 11KB