d:\mcbuild\mcbuild-win\MobileCenter-2_0\0476\Support\SCL\Builds\Win\Release\SCL.pdb
Static task
static1
Behavioral task
behavioral1
Sample
bc2a6ce91d5f04abef7f715bb8120e2f_JaffaCakes118.dll
Resource
win7-20240705-en
General
-
Target
bc2a6ce91d5f04abef7f715bb8120e2f_JaffaCakes118
-
Size
1.5MB
-
MD5
bc2a6ce91d5f04abef7f715bb8120e2f
-
SHA1
83dc0f9b68d91fa9dfd55377c4942339b31c809c
-
SHA256
dc6c1d5b24378a6cdedbf883c2e9ded65d195cef4df0567cd676b783102f36b8
-
SHA512
48015290e59c9eeb9c2cef03ee43654ca423e8dc3a1320253099e39f598042fcbf1a0a70bdd6df6947747d9dff029e9b9f4a7d95bc958973d248ddf0a4b6081c
-
SSDEEP
24576:LqVTALFQyDoClURa4c/ttsbcpivcyNEJPHI4jNNCdTEFDbSWKUxB76wA:OVTApQyEzYwR00EJPo4jwTEFKWJ7Y
Malware Config
Signatures
-
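Unsigned PE (1 IoC)
Flags PE files that carry no Authenticode signature, meaning the publisher and file integrity cannot be verified from a signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.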
resource bc2a6ce91d5f04abef7f715bb8120e2f_JaffaCakes118
Files
-
bc2a6ce91d5f04abef7f715bb8120e2f_JaffaCakes118.dll windows:4 windows x86 arch:x86
58f14cfefde47c4f02223c91e7a22955
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
imm32
ImmNotifyIME
ImmGetContext
ImmGetCompositionStringW
ImmGetCompositionFontW
ImmGetOpenStatus
ImmReleaseContext
oledlg
OleUIInsertObjectW
shlwapi
PathRemoveBackslashA
PathRemoveBackslashW
PathAppendW
PathAddBackslashW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
comctl32
ImageList_Add
ImageList_Create
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_Destroy
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Replace
ImageList_Draw
ImageList_Remove
ImageList_DrawEx
ImageList_GetIconSize
InitCommonControlsEx
ImageList_ReplaceIcon
kernel32
GlobalMemoryStatus
GetComputerNameW
GetDateFormatA
GetLocalTime
GetLocaleInfoA
GetProfileStringW
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GlobalAddAtomA
GlobalGetAtomNameA
GlobalUnlock
GlobalLock
GlobalSize
GetCurrentProcessId
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
CreateDirectoryW
GlobalAddAtomW
FindResourceW
GetModuleFileNameW
LoadLibraryW
GlobalDeleteAtom
GetLocaleInfoW
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageW
GetLastError
SetFilePointer
ReadFile
WriteFile
EnumResourceNamesW
GetFileSize
SetEndOfFile
CloseHandle
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
CreateFileW
GetSystemTimeAsFileTime
FindNextFileW
FindClose
GetCurrentDirectoryW
GetCurrentDirectoryA
GetDiskFreeSpaceW
GetCompressedFileSizeW
SetFileAttributesW
GetFileAttributesW
GetFileTime
SetFileTime
DeleteFileW
RemoveDirectoryW
FindFirstFileW
SetCurrentDirectoryW
GetFileAttributesA
SetCurrentDirectoryA
MultiByteToWideChar
CreateDirectoryA
MoveFileW
SystemTimeToFileTime
FileTimeToSystemTime
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
Sleep
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
WaitForSingleObject
PulseEvent
CreateMutexW
ReleaseMutex
CreateMutexA
CreateSemaphoreW
ReleaseSemaphore
CreateThread
ResumeThread
TerminateThread
SuspendThread
GetThreadPriority
SetThreadPriority
GetSystemTime
MulDiv
IsDBCSLeadByteEx
InterlockedIncrement
InterlockedDecrement
GlobalAlloc
GlobalFree
GetACP
lstrcpyW
LoadResource
GetUserDefaultUILanguage
GetModuleHandleA
SizeofResource
LockResource
FindResourceExW
user32
EndPaint
GetDCEx
BeginPaint
SetParent
RegisterClassW
PostMessageA
GetWindow
GetMenu
FrameRect
ValidateRect
GetAsyncKeyState
GetKeyState
ReleaseDC
GetParent
SetRect
DeferWindowPos
EndDeferWindowPos
ScrollWindowEx
GetClipCursor
ShowScrollBar
GetScrollInfo
SetScrollPos
GetScrollPos
wsprintfW
CreateAcceleratorTableW
DestroyAcceleratorTable
GetMenuItemInfoW
DrawMenuBar
SetMenu
DestroyMenu
CreatePopupMenu
CreateMenu
SetMenuItemInfoW
InsertMenuItemW
TrackPopupMenu
IntersectRect
GetActiveWindow
IsZoomed
GetWindowTextW
SetForegroundWindow
GetWindowPlacement
MessageBeep
GetCaretBlinkTime
BeginDeferWindowPos
GetMessageTime
InvalidateRect
GetDC
SendMessageW
PostMessageW
ReuseDDElParam
UnpackDDElParam
GetMonitorInfoW
MonitorFromPoint
ClipCursor
MonitorFromRect
InvalidateRgn
CascadeWindows
EnumDisplayMonitors
DrawIconEx
RemoveMenu
SetLayeredWindowAttributes
GetClassInfoW
CreateIconFromResourceEx
GetIconInfo
InvertRect
DestroyCursor
LoadImageW
DrawStateW
LoadCursorW
SetClipboardData
IsClipboardFormatAvailable
GetClipboardData
GetClipboardFormatNameW
OpenClipboard
EmptyClipboard
CloseClipboard
RegisterClipboardFormatW
WindowFromPoint
GetDesktopWindow
DestroyIcon
GetWindowDC
DrawTextA
GetWindowTextLengthW
GetKeyboardLayout
SendMessageA
SetScrollInfo
KillTimer
SetTimer
AdjustWindowRectEx
TrackMouseEvent
GetFocus
IsWindowVisible
GetSysColorBrush
FillRect
CreateWindowExW
SetWindowLongW
RedrawWindow
UpdateWindow
DestroyWindow
GetSystemMetrics
GetDoubleClickTime
GetCapture
ReleaseCapture
ClientToScreen
SetCapture
GetWindowRect
DrawTextW
GetCursorPos
ScreenToClient
GetClientRect
PtInRect
GetSysColor
DrawEdge
DrawFrameControl
InflateRect
DrawFocusRect
MessageBoxW
MessageBoxA
LoadStringW
MsgWaitForMultipleObjectsEx
TranslateMDISysAccel
PeekMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SetWindowTextW
UnregisterClassW
EnableMenuItem
WinHelpW
SetWindowPos
LockWindowUpdate
SetFocus
BringWindowToTop
SetActiveWindow
CallWindowProcW
ShowWindow
IsIconic
GetDlgItem
SetCursor
GetWindowLongW
DefMDIChildProcW
DefFrameProcW
DefWindowProcW
MapVirtualKeyW
GetKeyboardState
ToUnicode
IsChild
IsWindowEnabled
EnableWindow
GetForegroundWindow
GetWindowThreadProcessId
SystemParametersInfoW
GetClassNameA
gdi32
CreatePatternBrush
Ellipse
Arc
InvertRgn
FillRgn
GetCurrentPositionEx
GdiFlush
CreatePalette
CreateFontIndirectW
GetTextFaceA
BitBlt
SetStretchBltMode
StretchBlt
DeleteDC
GetObjectW
CreateCompatibleDC
CreateCompatibleBitmap
SetDIBitsToDevice
GetStockObject
CreateRectRgn
CombineRgn
CreateBitmap
FrameRgn
GetRgnBox
OffsetRgn
TranslateCharsetInfo
GetRegionData
CreatePen
MoveToEx
LineTo
CreateSolidBrush
SetBkColor
SetTextColor
SelectObject
PatBlt
SetViewportOrgEx
SetBkMode
DeleteObject
RemoveFontResourceW
AddFontResourceW
CreateHalftonePalette
SelectPalette
RealizePalette
SetDIBColorTable
BeginPath
AbortPath
PathToRegion
EndPath
SetRectRgn
PtInRegion
GetClipBox
GetClipRgn
SelectClipRgn
ExtCreateRegion
GetBkColor
CreateRectRgnIndirect
ExcludeClipRect
LPtoDP
GetWindowOrgEx
SetBrushOrgEx
CreateDIBPatternBrushPt
RectVisible
StartDocW
EndDoc
EndPage
StartPage
ModifyWorldTransform
SetGraphicsMode
CreateDCW
RoundRect
GetCurrentObject
GetDeviceCaps
Polygon
EnumFontFamiliesExW
GetTextMetricsW
DPtoLP
SetWorldTransform
GetWorldTransform
GetGraphicsMode
SetWindowOrgEx
CreateDIBSection
GetPaletteEntries
SetPaletteEntries
SetROP2
GetDIBColorTable
comdlg32
CommDlgExtendedError
GetSaveFileNameW
ChooseColorW
PrintDlgW
PageSetupDlgW
ChooseFontW
GetOpenFileNameW
advapi32
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegOpenKeyExW
GetUserNameW
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegSetValueExA
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegSetValueW
RegCreateKeyW
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
shell32
DragQueryFileW
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
SHGetFolderPathW
SHChangeNotify
SHGetFileInfoW
ole32
OleSetContainedObject
RegisterDragDrop
OleInitialize
OleUninitialize
DoDragDrop
ReleaseStgMedium
CoCreateInstance
oleaut32
VariantClear
VariantChangeType
SysFreeString
VariantInit
DispGetParam
SysAllocString
msvcp80
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
msvcr80
__CxxFrameHandler3
_purecall
strncpy
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
??_V@YAXPAX@Z
_wtoi
sprintf
_wcsicmp
isalpha
isupper
islower
isdigit
isxdigit
isspace
ispunct
isalnum
isprint
isgraph
iscntrl
toupper
tolower
_CxxThrowException
wcsncpy
_wcsnicmp
_wsplitpath
_splitpath
towupper
iswdigit
memmove
memcpy
qsort
iswcntrl
towlower
_wtol
_CIcos
_CIsin
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
exit
?_set_new_mode@@YAHH@Z
sprintf_s
atol
atof
strncmp
_strupr_s
_strlwr_s
vsprintf_s
iswspace
wcstod
sscanf
wcsncmp
vswprintf_s
_wcsupr_s
_wcslwr_s
_vscwprintf
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
__RTDynamicCast
_CIsqrt
strstr
_CIpow
_wcsicoll
atoi
_control87
ceil
longjmp
abort
_setjmp3
memcmp
abs
fabs
pow
malloc
free
strtod
strlen
strcpy
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_except_handler4_common
_malloc_crt
_encoded_null
__clean_type_info_names_internal
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_stricmp
_strnicmp
floor
Sections
.text Size: 891KB - Virtual size: 891KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 302KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 166KB - Virtual size: 168KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE