000ff04dfad74324ca58e63b52782c3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

000ff04dfad74324ca58e63b52782c3e_JaffaCakes118
Size

376KB
MD5

000ff04dfad74324ca58e63b52782c3e
SHA1

7f1994d3d9b6b235aa733a0bb30f85db08fc7748
SHA256

e8a96c4f55b405b78c0060351c9068a8aeeeff6349a05cd6c2f1e4e8247e1669
SHA512

d90f81651d16b85fed8988c561e8f1d779665d1455eaa1da6c5428dac75db5d8f46a5d2241e064c161eb41b3893d855feabb8ac0a36bf3e8e2f1398335036d5e
SSDEEP

6144:uTtM1AMIBEZvkWX2O9jD+tOjCMRUnu7smJHMYrPXBXisRmkV:ue1AMdnX2eHzbGUsmH93V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
000ff04dfad74324ca58e63b52782c3e_JaffaCakes118

Files

000ff04dfad74324ca58e63b52782c3e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

6ebbbf8ac40060c1ab4b09d2dbb6d5a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA

shlwapi

PathFileExistsA

wininet

FindFirstUrlCacheEntryA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
DeleteUrlCacheEntry
FindCloseUrlCache
FindNextUrlCacheEntryA

kernel32

GetModuleHandleW
Sleep
TerminateThread
GetModuleHandleA
DeleteFileA
LoadLibraryA
MultiByteToWideChar
GetModuleFileNameW
GetProcAddress
LeaveCriticalSection
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
RemoveDirectoryA
lstrcpyA
GetTempFileNameA
lstrlenW
EnterCriticalSection
FindNextFileA
FindClose
FlushInstructionCache
GetLastError
LoadLibraryW
lstrcmpA
GetCurrentThreadId
GetShortPathNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcatA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEndOfFile
OutputDebugStringA
CreateFileA
SetLastError
GetCurrentProcessId
InterlockedIncrement
WriteFile
CloseHandle
InterlockedDecrement
GetModuleFileNameA
lstrlenA
GetStringTypeW
IsBadCodePtr
GetStringTypeA
SetStdHandle
GetACP
GetOEMCP
GetCurrentProcess
ReadFile
GetVersionExA
DebugBreak
FindFirstFileA
VirtualFree
HeapCreate
VirtualAlloc
HeapSize
TerminateProcess
GetEnvironmentVariableA
TlsGetValue
TlsFree
ExitProcess
TlsAlloc
GetCommandLineA
HeapReAlloc
GetVersion
RaiseException
GetFullPathNameA
HeapAlloc
GetCurrentDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetSystemTime
GetTimeZoneInformation
GetLocalTime
TlsSetValue
CreateThread
ExitThread
CreateDirectoryA
HeapFree
ResumeThread
InterlockedExchange
IsBadWritePtr
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
FlushFileBuffers
SetFilePointer
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadReadPtr
GetDriveTypeA
LocalFree
SetUnhandledExceptionFilter

user32

GetDesktopWindow
SendMessageA
KillTimer
GetDC
CallNextHookEx
GetSysColor
ReleaseDC
GetParent
SetCursor
IsWindow
GetKeyState
WindowFromPoint
SetWindowsHookExA
SetTimer
SetWindowLongA
GetWindowLongA
GetFocus
InvalidateRect
DestroyMenu
MapWindowPoints
GetWindowRect
GetActiveWindow
CharLowerA
SetFocus
ScreenToClient
GetMessagePos
ShowWindow
DestroyCursor
PostMessageA
UnregisterClassA
CheckMenuItem
AppendMenuA
LoadCursorFromFileA
DispatchMessageA
GetTopWindow
SetActiveWindow
MoveWindow
CreatePopupMenu
TrackPopupMenu
UnhookWindowsHookEx
CreateWindowExA
GetClassNameA
GetDlgItem
InvalidateRgn
SetCapture
ReleaseCapture
DestroyAcceleratorTable
CreateAcceleratorTableA
RedrawWindow
MessageBoxA
UpdateWindow
EndPaint
IsChild
GetWindowDC
CallWindowProcA
SystemParametersInfoA
LoadStringA
DrawTextA
SetRectEmpty
DestroyWindow
CharNextA
wvsprintfA
FillRect
LoadImageA
GetClientRect
GetMenuItemInfoA
DrawEdge
OffsetRect
wsprintfA
LoadBitmapA
DrawStateA
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
RegisterClassExA
GetWindow
GetClassInfoExA
CopyRect
RegisterWindowMessageA
LoadCursorA
IsWindowVisible
GetSystemMetrics
DefWindowProcA
BeginPaint
SetWindowPos
TranslateMessage

gdi32

CreateFontA
ExtTextOutA
GetTextExtentPoint32A
EnumFontFamiliesExA
SetBkColor
SetBkMode
SetTextColor
SetLayout
SelectObject
GetLayout
CreateFontIndirectA
DeleteDC
CreateBrushIndirect
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetStockObject
CreateSolidBrush
GetObjectA
DeleteObject

advapi32

RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegSetValueA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoUninitialize
OleRun
CoCreateGuid
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
OleLockRunning
RegisterDragDrop
ReleaseStgMedium
CoTaskMemRealloc
CLSIDFromProgID

oleaut32

SysAllocStringLen
VariantInit
SysAllocString
SysAllocStringByteLen
VariantCopy
VariantChangeType
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
DispCallFunc
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
VariantClear
SysStringLen
SysFreeString
GetErrorInfo

setupapi

SetupIterateCabinetA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ebbbf8ac40060c1ab4b09d2dbb6d5a1

Headers

File Characteristics

Imports

winmm

shlwapi

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

setupapi

Exports

Exports

Sections

.text Size: 264KB - Virtual size: 260KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 24KB - Virtual size: 30KB

.SHARED Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 264KB - Virtual size: 260KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 24KB - Virtual size: 30KB

.SHARED
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 24KB - Virtual size: 23KB