ddece0f1aff4aaf31c720518642b02fd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ddece0f1aff4aaf31c720518642b02fd_JaffaCakes118
Size

272KB
MD5

ddece0f1aff4aaf31c720518642b02fd
SHA1

037e6470af1d94ce75674081d9b6cdfe99a454d2
SHA256

3b4bc4a89bbaf4f0ce1425854859e8a62b221f8c8098c811bfda4d750bf07ad4
SHA512

0380ad080700efffeeb469501f8d248ce510f1e9e535667eeb8f87da45e4d76ac6514787e6b03b8c6632ee8c1484e007800985066d40ad2ed6f15805abd06b61
SSDEEP

6144:xBoxm7jYgQ1RLhACjKmrbdZesAzU5HHYEm1BGPTBJuSu3E:xBPjYgQ1RLhACjKsYswU5H4V1BGPTrHs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddece0f1aff4aaf31c720518642b02fd_JaffaCakes118

Files

ddece0f1aff4aaf31c720518642b02fd_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b81c8ba1bf4b0c0970720e1691a03e2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\download\BugTrapSrc\BugTrap\Win32\Bin\BugTrap.pdb

Imports

ws2_32

inet_ntoa
WSACleanup
inet_addr
htons
WSASocketA
WSAEventSelect
connect
WSAEnumNetworkEvents
WSASend
WSAGetOverlappedResult
shutdown
setsockopt
closesocket
WSAGetLastError
WSAStartup
gethostname
gethostbyname

comctl32

InitCommonControlsEx
ImageList_LoadImageA
ImageList_Destroy

shlwapi

PathRemoveBackslashA
PathRemoveExtensionA
PathAddExtensionA
PathSkipRootA
PathCreateFromUrlA
UrlIsA
PathIsURLA
PathFindNextComponentA
PathIsRootA
PathRemoveFileSpecA
PathAppendA
StrTrimA
PathIsRelativeA
PathCombineA
PathFindFileNameA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetCrackUrlA
InternetOpenA
InternetSetStatusCallback
InternetConnectA
InternetAttemptConnect
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetCloseHandle
InternetGetLastResponseInfoA
HttpOpenRequestA

kernel32

GetStartupInfoW
GetFileType
SetHandleCount
RtlUnwind
HeapSize
Sleep
LCMapStringW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
CloseHandle
WriteFile
CreateFileA
CopyFileA
FindClose
FindFirstFileA
RaiseException
FindNextFileA
SetEvent
WaitForSingleObject
WideCharToMultiByte
ReadFile
SetFilePointer
GetStringTypeA
GetFileSize
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryA
GetProfileIntA
GetLastError
OpenProcess
GetModuleFileNameA
GetCurrentProcessId
GetModuleHandleA
GetVersionExA
DeleteCriticalSection
OutputDebugStringA
GetStdHandle
InitializeCriticalSection
WriteConsoleA
FreeEnvironmentStringsW
GetConsoleOutputCP
LeaveCriticalSection
EnterCriticalSection
SetEndOfFile
GetLocalTime
VirtualProtect
VirtualQuery
ReadProcessMemory
GetCurrentProcess
LocalFree
LocalAlloc
FormatMessageA
GetSystemInfo
GlobalMemoryStatus
GetThreadContext
GetCurrentThread
FreeEnvironmentStringsA
GetEnvironmentStrings
GetTimeFormatA
GetDateFormatA
SystemTimeToFileTime
GetFileAttributesA
DeleteFileA
GetCurrentThreadId
ResumeThread
SuspendThread
GetCurrentDirectoryA
GetCommandLineA
GetComputerNameA
CreateProcessA
GetUserDefaultLangID
SetUnhandledExceptionFilter
TerminateProcess
CreateEventA
DisableThreadLibraryCalls
WaitForMultipleObjects
LocalReAlloc
GetExitCodeThread
GetTempPathA
ResetEvent
RemoveDirectoryA
CreateDirectoryA
GetTickCount
IsDBCSLeadByte
GetWindowsDirectoryA
EncodePointer
HeapAlloc
InterlockedIncrement
InterlockedDecrement
DecodePointer
ExitThread
CreateThread
HeapFree
GetSystemTimeAsFileTime
GetCPInfo
GetModuleHandleW
ExitProcess
GetModuleFileNameW
HeapCreate
HeapDestroy
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
LoadLibraryW
GetStringTypeW
HeapReAlloc
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetProcessHeap
MultiByteToWideChar
CreateFileW

user32

SetScrollPos
IsZoomed
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
MapWindowPoints
BeginDeferWindowPos
DrawEdge
GetTabbedTextExtentA
TabbedTextOutA
EnumDisplayDevicesA
AppendMenuA
GetSystemMenu
GetWindowThreadProcessId
GetForegroundWindow
GetActiveWindow
SendMessageTimeoutA
GetWindow
DrawTextA
DrawIconEx
GetClassLongA
CopyIcon
LoadCursorA
DestroyIcon
FillRect
KillTimer
SetTimer
PostMessageA
GetMessageA
DispatchMessageA
GetDialogBaseUnits
CreateDialogParamA
GetWindowRect
ScreenToClient
SetWindowPos
LoadIconA
SetForegroundWindow
MessageBoxA
GetWindowLongA
SetWindowLongA
CheckRadioButton
LoadImageA
ShowWindow
DestroyWindow
CreateWindowExA
EnableWindow
IsWindowEnabled
DialogBoxParamA
UpdateWindow
InvalidateRect
GetClientRect
GetSystemMetrics
LoadStringA
GetDlgCtrlID
SetWindowTextA
GetWindowTextLengthA
SendMessageA
SetCursor
GetParent
GetMessagePos
IsChild
GetCapture
ReleaseCapture
GetDlgItem
SetFocus
SetCapture
GetFocus
DrawFocusRect
GetWindowTextA
EndDialog
PtInRect
SystemParametersInfoA
GetKeyState
GetScrollPos
GetScrollInfo
SetScrollInfo
ScrollWindowEx
GetDC
ReleaseDC
DefWindowProcA
RedrawWindow
BeginPaint
EndPaint
IsRectEmpty
PostQuitMessage
GetSysColorBrush
GetSysColor

gdi32

GetDIBits
GetDeviceCaps
GetTextExtentPoint32A
SetTextColor
TextOutA
GetObjectA
CreateDCA
PatBlt
CreateFontIndirectA
StretchBlt
MoveToEx
LineTo
GetTextMetricsA
CreateCompatibleBitmap
CreateCompatibleDC
SetViewportOrgEx
SelectObject
GetClipBox
BitBlt
DeleteDC
SetBkColor
DeleteObject

comdlg32

GetSaveFileNameA

advapi32

RegEnumKeyExA
RegEnumValueA
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
SHGetFileInfoA
ShellExecuteA

ole32

StringFromGUID2

oleaut32

GetErrorInfo
SysFreeString

Exports

Exports

BT_AddLogFile
BT_AddRegFile
BT_AppLogEntry
BT_AppLogEntryF
BT_AppLogEntryV
BT_CallCppFilter
BT_CallNetFilter
BT_CallSehFilter
BT_ClearLog
BT_ClearLogFiles
BT_CloseLogFile
BT_CppFilter
BT_DeleteLogFile
BT_ExportRegistryKey
BT_FlushLogFile
BT_GetActivityType
BT_GetAppName
BT_GetAppVersion
BT_GetDialogMessage
BT_GetDumpType
BT_GetExitMode
BT_GetFlags
BT_GetLogEchoMode
BT_GetLogFileEntry
BT_GetLogFileName
BT_GetLogFilesCount
BT_GetLogFlags
BT_GetLogLevel
BT_GetLogSizeInBytes
BT_GetLogSizeInEntries
BT_GetMailProfile
BT_GetNotificationEMail
BT_GetPostErrHandler
BT_GetPreErrHandler
BT_GetReportFilePath
BT_GetReportFormat
BT_GetSupportEMail
BT_GetSupportHost
BT_GetSupportPort
BT_GetSupportURL
BT_GetUserMessage
BT_InsLogEntry
BT_InsLogEntryF
BT_InsLogEntryV
BT_InstallSehFilter
BT_InterceptSUEF
BT_MailSnapshot
BT_MailSnapshotEx
BT_NetFilter
BT_OpenLogFile
BT_ReadVersionInfo
BT_SaveSnapshot
BT_SaveSnapshotEx
BT_SehFilter
BT_SendSnapshot
BT_SendSnapshotEx
BT_SetActivityType
BT_SetAppName
BT_SetAppVersion
BT_SetDialogMessage
BT_SetDumpType
BT_SetExitMode
BT_SetFlags
BT_SetLogEchoMode
BT_SetLogFlags
BT_SetLogLevel
BT_SetLogSizeInBytes
BT_SetLogSizeInEntries
BT_SetMailProfile
BT_SetNotificationEMail
BT_SetPostErrHandler
BT_SetPreErrHandler
BT_SetReportFilePath
BT_SetReportFormat
BT_SetSupportEMail
BT_SetSupportHost
BT_SetSupportPort
BT_SetSupportServer
BT_SetSupportURL
BT_SetUserMessage
BT_SetUserMessageFromCode
BT_UninstallSehFilter

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b81c8ba1bf4b0c0970720e1691a03e2a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

comctl32

shlwapi

version

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 18KB

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 18KB

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 11KB - Virtual size: 10KB