0778690c084cfdd65c54243551d73ead_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0778690c084cfdd65c54243551d73ead_JaffaCakes118
Size

467KB
MD5

0778690c084cfdd65c54243551d73ead
SHA1

647c0f91d44d87eeb6d2ae1da9fee8443c1b30ee
SHA256

7cc105114d5a1b34afedd73d2ebffa97a9e30fb57f09ac8c2af62a2605b6675f
SHA512

144d3f6dc1e36e53ca678f18ec8a81a43461c2e58222ed7482aab152ca26e9280bfd3663162418adaaa8c029aebffc6f3ae61406746cccb0d72c2eccd959cdc5
SSDEEP

12288:xDyub2RnBT46byrUBJknnr/63cgvNHOoxM6bjT3:xDyuyRnBT46byrUBJknnry3nhdxNXT3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0778690c084cfdd65c54243551d73ead_JaffaCakes118

Files

0778690c084cfdd65c54243551d73ead_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3847ac946f4242ebf8571248863e86f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oledlg

OleUIInsertObjectW
ord3

wininet

InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoA
HttpSendRequestA
InternetSetOptionA
HttpOpenRequestA
HttpOpenRequestW
InternetConnectA
InternetOpenA
InternetCrackUrlA
InternetCombineUrlA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpAddRequestHeadersA

shlwapi

StrStrA
StrToIntA
StrCSpnA
StrStrIA
StrChrA
StrNCatA

shell32

ShellExecuteW
ShellExecuteA
SHFileOperationA

comctl32

ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy

kernel32

CreateFileW
IsBadReadPtr
LocalFileTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
GetCurrentDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
DuplicateHandle
GetCurrentProcess
DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection
GetACP
GetVersionExA
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeLibrary
CopyFileA
DeleteFileA
MoveFileA
CopyFileW
CreateFileA
MoveFileW
GetModuleFileNameA
CompareStringA
CompareStringW
GetThreadLocale
GetProfileStringA
GetTempPathA
HeapAlloc
HeapCreate
HeapReAlloc
HeapFree
MulDiv
GlobalSize
GlobalAlloc
Sleep
GetFileTime
LocalAlloc
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
RaiseException
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
LocalLock
LocalUnlock
LocalFree
lstrcmpiA
FindFirstFileA
FindNextFileA
FindClose
LoadLibraryA
GlobalLock
GlobalUnlock
GlobalFree
SetFilePointer
lstrcpynA
lstrcatA
GetCurrentThreadId
CreateThread
ResumeThread
GetTickCount
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
lstrcmpA
lstrlenW
GetModuleFileNameW
LoadLibraryW
OutputDebugStringA
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
SystemTimeToFileTime
CompareFileTime
IsDebuggerPresent
lstrcpyA
IsValidCodePage
GetLastError
WaitForSingleObject
TerminateThread
GetFullPathNameA
CreateDirectoryA
GetFileAttributesA
GetFileSize
ReadFile
WriteFile
CloseHandle
InterlockedIncrement
InterlockedDecrement
lstrlenA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetCPInfo
GetOEMCP
FlushFileBuffers
IsBadCodePtr
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
SetEnvironmentVariableA
DeleteFileW

user32

SendDlgItemMessageA
CallWindowProcA
RemovePropA
GetWindowThreadProcessId
SetPropA
SetWindowLongW
MessageBeep
GetKeyState
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
MoveWindow
ClientToScreen
SetRect
InvalidateRect
UpdateWindow
PtInRect
ClipCursor
GetWindowTextA
GetDlgItem
EnableWindow
GetDlgItemTextA
GetDlgCtrlID
EndDialog
SetClassLongA
BeginPaint
GetClientRect
EndPaint
CreatePopupMenu
RemoveMenu
GetDC
ReleaseDC
wsprintfA
GetWindowLongA
DefWindowProcA
BringWindowToTop
GetMessageA
TranslateMessage
DispatchMessageA
EnableMenuItem
GetCursorPos
GetMenuItemInfoA
EndMenu
MapWindowPoints
TrackPopupMenu
ChangeClipboardChain
DestroyWindow
DestroyMenu
GetParent
CopyRect
FillRect
DrawEdge
GetSysColorBrush
FrameRect
InflateRect
DrawIconEx
GetMenuItemCount
GetSubMenu
CharUpperA
SendMessageA
CreateWindowExA
RegisterClassA
IsWindow
GetClassInfoA
ShowWindow
SetClipboardViewer
SetFocus
GetSysColor
LoadImageA
DestroyIcon
LoadStringA
SetWindowLongA
PostMessageA
LoadCursorA
SetCursor
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBoxA
SetMenuItemInfoA
DestroyCursor
FindWindowExA
GetClipboardOwner
SetRectEmpty
GetSystemMenu
DrawFocusRect
CheckDlgButton
IsDlgButtonChecked
IsWindowEnabled
LoadMenuA
EnumChildWindows
GetClassNameA
ChildWindowFromPoint
ReleaseCapture
SetCapture
SendMessageW
wvsprintfW
wvsprintfA
CreateDialogParamW
CreateDialogParamA
DialogBoxParamW
DialogBoxParamA
GetMenuStringW
GetMenuStringA
InsertMenuW
InsertMenuA
AppendMenuW
AppendMenuA
SetWindowTextW
SetWindowTextA
SetDlgItemTextW
SetDlgItemTextA
MessageBoxW
DrawTextW
DrawTextA
GetSystemMetrics
LoadIconA
LoadStringW
GetWindowRect
GetCapture
GetPropA

gdi32

SetViewportOrgEx
SaveDC
SetROP2
GetObjectA
GetTextExtentPoint32A
RestoreDC
GetDIBits
SetWindowOrgEx
CreateRectRgnIndirect
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
BitBlt
GetStockObject
CreatePenIndirect
Rectangle
MoveToEx
LineTo
GetDeviceCaps
CreateHalftonePalette
SelectPalette
RealizePalette
CreateSolidBrush
CreateFontIndirectA
SelectObject
LPtoDP
SetMapMode
SetBkMode
SetTextColor
GetTextExtentPoint32W
DeleteObject

winspool.drv

EndDocPrinter
WritePrinter
StartDocPrinterA
ClosePrinter
EnumPrintersA
OpenPrinterA
OpenPrinterW
GetPrinterA
GetPrinterW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExW
RegEnumKeyA
CryptVerifySignatureA
CryptCreateHash
CryptHashData
CryptSignHashA
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA

ole32

CreateILockBytesOnHGlobal
CoCreateInstance
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
CoTaskMemFree
ProgIDFromCLSID
StgCreateDocfile
CoGetClassObject
CreateBindCtx
OleDoAutoConvert
OleGetAutoConvert
CreateFileMoniker
WriteClassStg
ReadClassStg
StgOpenStorage
GetClassFile
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoDisconnectObject
CoTaskMemAlloc
CLSIDFromString
StringFromCLSID
CLSIDFromProgID

oleaut32

OleTranslateColor
SysAllocString
SysFreeString
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
VariantCopy
SysStringByteLen
SysStringLen
VariantInit
VariantClear
CreateErrorInfo
SetErrorInfo
SafeArrayCreate
SafeArrayAccessData

odbc32

ord43
ord16
ord31
ord9
ord36
ord19
ord63
ord45
ord72
ord12
ord48
ord49
ord75
ord24
ord39
ord7
ord11
ord13

msimg32

GradientFill

crypt32

CertEnumCertificatesInStore
CertFreeCertificateContext
CryptAcquireCertificatePrivateKey
CertOpenSystemStoreA
CertGetCertificateContextProperty
CertAddEncodedCertificateToStore
CertGetIssuerCertificateFromStore
CertVerifyTimeValidity
CryptImportPublicKeyInfo
CertDuplicateCertificateContext
CertGetNameStringW
CertCloseStore
CertFindCertificateInStore
CertGetNameStringA

cryptui

CryptUIDlgViewCertificateA
CryptUIDlgViewCertificateW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3847ac946f4242ebf8571248863e86f3

Headers

File Characteristics

Imports

oledlg

wininet

shlwapi

shell32

comctl32

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

odbc32

msimg32

crypt32

cryptui

Exports

Exports

Sections

.text Size: 301KB - Virtual size: 300KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 31KB - Virtual size: 37KB

.rsrc Size: 70KB - Virtual size: 70KB

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 301KB - Virtual size: 300KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 31KB - Virtual size: 37KB

.rsrc
Size: 70KB - Virtual size: 70KB

.reloc
Size: 19KB - Virtual size: 19KB