d447f9ea5eeb0c7605a47b94715d5dda_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d447f9ea5eeb0c7605a47b94715d5dda_JaffaCakes118
Size

244KB
MD5

d447f9ea5eeb0c7605a47b94715d5dda
SHA1

74693df9caa7c7a7922ccc9651287e1ae1065e7b
SHA256

96306e0ecc8555ae5268d0019ae2ce893339c647d6c4b34ca8bcb1659ffe8ffd
SHA512

b73e4824695e0aa0f43f3bb15216801ac615549f3e2eb438677feedbc8924bf2e9af179f54e8258eaa110ec8ec84c51cc1105c287c2b3d4cebcd8464c5c10007
SSDEEP

3072:mTtycIbgctEjQpWTOYXIxHf7Rz6wJ1F+JZ63TGtTBfsogX3AaRtA7X9M8YV:mxyc7cyMWTO6IxHfgwbc3IGtTBjaE7Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d447f9ea5eeb0c7605a47b94715d5dda_JaffaCakes118

Files

d447f9ea5eeb0c7605a47b94715d5dda_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a5d881faa64dc5c621b319631a435c17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_addr
WSAStartup
gethostbyname

advapi32

OpenServiceA
ControlService
StartServiceA
CreateServiceA
RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
DeleteService
CloseServiceHandle
OpenProcessToken
QueryServiceStatus

user32

DestroyMenu
SetMenuItemBitmaps
GetClassLongA
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
PostQuitMessage
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
CharUpperA
GetWindowPlacement
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetSystemMetrics
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
SendMessageA
GetWindowThreadProcessId
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
LoadCursorA
UnregisterClassA
GetWindowTextA
ValidateRect
PeekMessageA
GetKeyState
DispatchMessageA
CallNextHookEx
SetWindowsHookExA
SetWindowTextA
PtInRect
GetClassNameA
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
GetFocus
GetDlgItem
IsWindow
SetWindowLongA
SetWindowPos
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA

kernel32

GetFileTime
MoveFileA
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GlobalGetAtomNameA
lstrcmpA
GlobalFlags
GetFileSize
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
ExitProcess
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
RaiseException
SetStdHandle
GetFileType
HeapSize
GetConsoleCP
GetConsoleMode
GetStdHandle
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
GetFileAttributesA
CreateFileA
InterlockedDecrement
GetModuleHandleA
GetProcAddress
FindFirstFileA
FindClose
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
GetVersion
CompareStringW
InterlockedExchange
lstrlenA
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
HeapFree
GetProcessHeap
HeapAlloc
WaitForSingleObject
OpenProcess
CreateProcessA
Process32Next
CloseHandle
GetLastError
Process32First
CreateToolhelp32Snapshot
TerminateThread
CreateThread
GetVersionExA
Sleep
TerminateProcess
GetSystemDirectoryA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
SetLastError
DeleteFileA
lstrcmpW

gdi32

GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHGetFolderPathA

shlwapi

UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleaut32

VariantInit
VariantChangeType
VariantClear

wininet

InternetCrackUrlA
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetCanonicalizeUrlA
InternetQueryDataAvailable
InternetQueryOptionA

Exports

Exports

InstallService
RundllInstall
RundllUninstall
ServiceMain
UninstallService

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5d881faa64dc5c621b319631a435c17

Headers

File Characteristics

Imports

ws2_32

advapi32

user32

kernel32

gdi32

comdlg32

winspool.drv

shell32

shlwapi

oleaut32

wininet

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 24KB - Virtual size: 22KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 24KB - Virtual size: 22KB