d129cf2bfc2e3e51e3fa3110eff8451a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d129cf2bfc2e3e51e3fa3110eff8451a_JaffaCakes118
Size

400KB
MD5

d129cf2bfc2e3e51e3fa3110eff8451a
SHA1

5f1e7d0be1c66025dc8d4f27df0ede29379b7836
SHA256

d11dd1cdf7ef9fb2f5a79138a21618e5b70ea90bfbbe0d37c21ddfdaff835757
SHA512

bdf385680694991f6fd27390120daed0113249c67a3a48cdc9417ac71677bac8170ac4bea4c6598c33cfdf1120fb5856ddb25c4dd0ab80edf9876da342e2d011
SSDEEP

12288:scU2q5htATHmsKnd1vhZ81aanEM1tNVqP2t:sWmhtATWd1hBIRfNVtt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d129cf2bfc2e3e51e3fa3110eff8451a_JaffaCakes118

Files

d129cf2bfc2e3e51e3fa3110eff8451a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

187b889c6e11bc1383f47d002e1d1c82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetClassDevsA
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo

kernel32

GetVersionExA
lstrcmpA
FormatMessageA
Sleep
GetProcAddress
LoadLibraryA
lstrcpyA
SetFilePointer
LocalReAlloc
SetLastError
GetCurrentThreadId
DeviceIoControl
GetCurrentProcessId
GetCurrentProcess
FlushInstructionCache
GetTempPathA
GetFileAttributesA
WriteFile
OutputDebugStringA
CreateFileA
CloseHandle
GetTickCount
GetProcessHeap
HeapAlloc
LocalAlloc
LocalHandle
LocalFree
FindResourceExA
LockResource
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
CompareStringW
CompareStringA
DisableThreadLibraryCalls
lstrcmpiA
lstrlenA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
IsProcessorFeaturePresent
InterlockedCompareExchange
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
TlsFree
GlobalGetAtomNameA
GetThreadLocale
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
FlushFileBuffers
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
SetEnvironmentVariableA
GetCommandLineA
HeapSize
ExitProcess
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP

user32

CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowPlacement
CopyRect
AdjustWindowRectEx
GetClassInfoA
GetMenu
GetClientRect
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
RemovePropA
GetPropA
SetPropA
GetClassLongA
GetCapture
WinHelpA
LoadIconA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
ClientToScreen
GetDlgCtrlID
PtInRect
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
GetSubMenu
GetMenuItemID
GetMenuState
MessageBoxA
GetLastActivePopup
SendMessageA
UnhookWindowsHookEx
GetWindow
GetClassNameA
GetWindowTextA
GetMenuItemCount
LoadStringA
RegisterClassA
GetForegroundWindow
GetWindowThreadProcessId
SetForegroundWindow
IsIconic
PostQuitMessage
PostMessageA
DispatchMessageA
PeekMessageA
GetDC
ReleaseDC
GetWindowRect
GetParent
SetWindowPos
SystemParametersInfoA
GetSystemMetrics
GetDlgItem
IsWindowEnabled
EnableWindow
wsprintfA
CreateWindowExA
RegisterClassExA
DestroyWindow
LoadCursorA
GetClassInfoExA
IsWindow
KillTimer
SetTimer
SetWindowTextA
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
CharNextA
GetSysColorBrush
GetSysColor
ValidateRect
GetFocus
GetKeyState

gdi32

SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetStockObject
SelectObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC

winspool.drv

OpenPrinterA
ClosePrinter
EnumPortsA
EnumPrintersA
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
ProgIDFromCLSID

oleaut32

CreateErrorInfo
SetErrorInfo
SafeArrayRedim
SafeArrayCreate
SafeArrayDestroy
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
SafeArrayLock
SafeArrayUnlock
SysAllocStringLen
VariantClear
VariantInit
LoadRegTypeLi
VariantChangeType
SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

?COMWndProc@@YGJPAUHWND__@@IIJ@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

187b889c6e11bc1383f47d002e1d1c82

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 48KB - Virtual size: 122KB

.rsrc Size: 104KB - Virtual size: 102KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 48KB - Virtual size: 122KB

.rsrc
Size: 104KB - Virtual size: 102KB

.reloc
Size: 24KB - Virtual size: 23KB