dfdef00d205d173250308e2454d3ce6d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dfdef00d205d173250308e2454d3ce6d_JaffaCakes118
Size

449KB
MD5

dfdef00d205d173250308e2454d3ce6d
SHA1

5299fb8fe9782bedcdfec0a1f53ee712c49ebd9c
SHA256

0904ed2b6fcf10369f7f36a99656b4fe417215558e40af738cecc6903d808f7a
SHA512

c21f09bdfd79a5f114c6813011ea4a8a74f4714ccddd7b5c9011023c5005b65f9184ba2934a1c431462458b522d2bbeecd01d4eeb6cdef618f37a204c89789b9
SSDEEP

12288:L5PGktEbBCMjRjOtvrhXiukKwe9r0VD2uFZT:L5PMOt9XTp0VD2urT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfdef00d205d173250308e2454d3ce6d_JaffaCakes118

Files

dfdef00d205d173250308e2454d3ce6d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

91912e105f07558c10f90ab8732de8c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Exter\Release\Modifier.pdb

Imports

kernel32

VirtualFree
LoadLibraryW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetACP
IsValidCodePage
GetLocaleInfoW
SetStdHandle
HeapCreate
GetConsoleOutputCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
HeapSize
GetStartupInfoA
GetCommandLineA
GetDriveTypeA
GetFileType
WriteConsoleW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetModuleHandleW
SetErrorMode
GetOEMCP
GetCPInfo
GetFullPathNameA
SetEndOfFile
FlushFileBuffers
SetFilePointer
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetCurrentDirectoryA
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GlobalUnlock
FreeResource
GetCurrentProcessId
SetLastError
GlobalAddAtomA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedExchange
lstrcmpA
FreeLibrary
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA
GlobalLock
GetCurrentThreadId
CreateThread
GetModuleFileNameA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
SetFileAttributesA
FindNextFileA
FindClose
CreateEventA
WaitForSingleObject
lstrlenA
MulDiv
FormatMessageA
LocalFree
OpenEventA
GetLocalTime
VirtualAlloc
GetModuleHandleA
GetCurrentThread
ConnectNamedPipe
WriteFile
ReadFile
CreateFileMappingA
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetLastError
CreateFileA
CloseHandle
GetCommState
GetSystemTime
OpenFile
GetFileTime
GetSystemInfo
SetCommState
GetStdHandle
CreatePipe
SetHandleInformation
GetVolumeInformationA
GetQueuedCompletionStatus
InterlockedCompareExchange
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
ExitThread
RaiseException
GetVersion
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WriteConsoleA
WideCharToMultiByte

user32

CopyRect
GetDlgCtrlID
PtInRect
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
SetMenu
PostQuitMessage
EndPaint
ReleaseDC
GetDC
PostThreadMessageA
wsprintfA
GetCursorPos
BeginDeferWindowPos
DeferWindowPos
MapWindowPoints
GetMessagePos
WinHelpA
SendDlgItemMessageA
SetActiveWindow
EndDeferWindowPos
DestroyWindow
GetIconInfo
CreateIconIndirect
FillRect
DrawTextExW
MessageBoxW
LoadCursorA
GetSysColorBrush
CreateWindowExW
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
SetFocus
GetWindowTextLengthA
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
GetMenuItemCount
GetMenuItemID
SetCapture
CreateWindowExA
MessageBoxA
DestroyIcon
RegisterWindowMessageA
IsWindow
GetParent
SetWindowLongA
DefWindowProcA
GetSubMenu
SetForegroundWindow
BeginPaint
GetMessageTime
GetForegroundWindow
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
CheckMenuItem
GetCapture
SendMessageA
GetCaretPos
SendMessageW
GetScrollInfo
PostMessageA
KillTimer
SetTimer
DrawIcon
IsIconic
GetClientRect
EnableWindow
LoadIconA
IsDialogMessageA
SetWindowTextA
DestroyMenu
UnregisterClassA
GetDesktopWindow
GetSystemMetrics
GetWindowLongA
GetWindow
GetDlgItem
GetTopWindow
CallWindowProcA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetBkColor
RestoreDC
SaveDC
CreateCompatibleDC
SetMapMode
GetEnhMetaFileA
GetWinMetaFileBits
SetMetaFileBitsEx
PlayMetaFile
CopyMetaFileA
DeleteMetaFile
DeleteEnhMetaFile
DeleteDC
GetObjectA
CreateBitmap
SelectObject
BitBlt
GetPixel
SetPixel
DeleteObject
GetClipBox
GetTextExtentPoint32A
GetCurrentObject
CreateFontIndirectA
GetDeviceCaps
CreateFontW
SetBkMode
SetTextColor
StartDocA
StartPage
MoveToEx
LineTo
GetStockObject
EndPage
EndDoc
SetPixelFormat
SetAbortProc
Escape
CombineRgn

comdlg32

PrintDlgExA

winspool.drv

DeletePrinter
DocumentPropertiesA
ClosePrinter
DeletePrinterDriverA
AddPrinterDriverA
OpenPrinterA

advapi32

EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
FreeSid

shell32

SHFileOperationA

comctl32

ImageList_LoadImageA
ImageList_Create
ImageList_ReplaceIcon
ImageList_Draw
ImageList_GetBkColor
ImageList_Destroy
InitCommonControlsEx
ord17

shlwapi

PathFindFileNameA
PathRemoveFileSpecA
PathFindExtensionA

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
CoInitialize
CoUnmarshalInterface
CoCreateInstance
CoMarshalInterface
StgCreateDocfile

oleaut32

VariantInit
VariantChangeType
VariantClear
OleCreatePictureIndirect
SystemTimeToVariantTime

wininet

InternetOpenA
InternetLockRequestFile

avifil32

AVIStreamGetFrameOpen
AVIMakeCompressedStream
AVIStreamOpenFromFileA
AVIStreamWrite
AVIStreamRead
AVIStreamSetFormat
AVIStreamReadFormat
AVIFileCreateStreamA
AVIStreamLength
AVIStreamStart
AVIFileExit
AVIStreamRelease
AVIStreamInfoA
AVIFileGetStream
AVIFileInfoA
AVIFileOpenA
AVIFileInit

odbc32

ord41

winmm

mmioWrite
timeGetTime
waveOutSetVolume

pdh

PdhCollectQueryData

rpcrt4

UuidFromStringA
RpcStringFreeA
UuidToStringA

gdiplus

GdiplusStartup
GdiplusShutdown

opengl32

wglDeleteContext
glDeleteLists
wglMakeCurrent
wglGetCurrentContext
wglGetCurrentDC

oleacc

CreateStdAccessibleObject
LresultFromObject

uxtheme

SetWindowTheme

powrprof

CanUserWritePwrScheme

rasapi32

RasGetErrorStringA
RasGetProjectionInfoW

mscms

OpenColorProfileA
CreateMultiProfileTransform

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91912e105f07558c10f90ab8732de8c7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

wininet

avifil32

odbc32

winmm

pdh

rpcrt4

gdiplus

opengl32

oleacc

uxtheme

powrprof

rasapi32

mscms

Sections

.text Size: 251KB - Virtual size: 251KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 10KB - Virtual size: 25KB

.rsrc Size: 125KB - Virtual size: 377KB

.text
Size: 251KB - Virtual size: 251KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 10KB - Virtual size: 25KB

.rsrc
Size: 125KB - Virtual size: 377KB