09d38a3e3f5709aac43e15042760f6b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09d38a3e3f5709aac43e15042760f6b4_JaffaCakes118
Size

96KB
MD5

09d38a3e3f5709aac43e15042760f6b4
SHA1

7c28213b3c26cb35378116532bddca6847699fdc
SHA256

89cef3098c31d9221d7219685fb3dc056ea920994f05b829023aaf8fddac2c65
SHA512

1a99a8c55be9dc265260f61a8f2425d31ffc9746acc10153e1b9e1de0ba9799e12b81a68658b44946a7183fd84769363c8a5d611a59740b0612040ced5eaeec9
SSDEEP

1536:zGRo0VrvkR3A5Lxj6+isM+4eqyTdvh2LkdnvlenTSwvvQOldHWRz2p3XYZVjPUZt:Ew80+isM+fTXxncnT9h/Gzq47PUZDI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09d38a3e3f5709aac43e15042760f6b4_JaffaCakes118

Files

09d38a3e3f5709aac43e15042760f6b4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

04f84a70edb5dd305088dcc0670b9835

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
GetNumberOfConsoleInputEvents
lstrcpyW
GetDiskFreeSpaceW
LCMapStringW
GetCommandLineA
GetDateFormatW
GetFileAttributesW
SystemTimeToFileTime
Beep
GetCommProperties
CreateFileW
LCMapStringA
SystemTimeToTzSpecificLocalTime
ReadDirectoryChangesW
SetVolumeLabelW
GetUserDefaultUILanguage
FindClose
SetMailslotInfo
SetEndOfFile
HeapCreate
InterlockedCompareExchange
MoveFileExW
GetQueuedCompletionStatus
IsBadReadPtr
SetStdHandle
SleepEx
SetupComm
GetProfileIntW
lstrlenW
BackupWrite
GetFileInformationByHandle
UnlockFile
GetSystemTimeAdjustment
LocalSize
SuspendThread
GetBinaryTypeW
SetCurrentDirectoryW
GetModuleHandleW
GetFileAttributesA
GlobalGetAtomNameW
CopyFileW
lstrcmpiW
FormatMessageW
VerLanguageNameW
OpenFile
RemoveDirectoryA
GetProfileStringW
CreateEventW
RegisterWaitForSingleObjectEx
GetExitCodeProcess
OpenMutexW
CreateJobObjectW
GetTimeFormatA
RegisterWaitForSingleObject
IsBadHugeReadPtr
FindActCtxSectionGuid
GetConsoleCP
GetStringTypeExA
ReadConsoleW
FindFirstFileA
FillConsoleOutputCharacterW
ResumeThread
DuplicateHandle
OpenThread
FlushViewOfFile
SetTimeZoneInformation
GetVolumeInformationW
PostQueuedCompletionStatus
WaitForMultipleObjectsEx
GetCommMask
GetDefaultCommConfigW
OpenProcess
GetTimeZoneInformation
DosDateTimeToFileTime
TerminateProcess
SetLocalTime
GetVersionExW
GetCommModemStatus
AddRefActCtx
GetCommTimeouts
FindResourceW
GetLargestConsoleWindowSize
ResetEvent
QueueUserAPC
RaiseException
WriteConsoleA
GetTempPathA
IsDBCSLeadByte
EnumResourceLanguagesW
lstrcpynA
SetEnvironmentVariableW
CreateNamedPipeW
IsValidLocale
ExitThread
SetSystemTime
FindNextChangeNotification
GetTempFileNameA
GetUserDefaultLCID
GetStringTypeA
WaitForSingleObjectEx
SetConsoleWindowInfo
GetEnvironmentStrings
FlushFileBuffers
CancelWaitableTimer
GetTempFileNameW
OpenSemaphoreW
GetCurrencyFormatA
FindVolumeMountPointClose
CreateIoCompletionPort
ClearCommError
SearchPathW
GlobalMemoryStatus
PurgeComm
CreateTimerQueue
VirtualAlloc
FillConsoleOutputAttribute
GetDriveTypeW
LocalFileTimeToFileTime
GlobalReAlloc
GetCurrentDirectoryA
DeleteFileW
DeviceIoControl
CopyFileA
Sleep
CloseHandle
InitializeCriticalSection
LoadLibraryA
GetProcAddress
ReadFile
MapViewOfFile
GetModuleHandleA
CreateProcessA
MoveFileA
GetComputerNameA
InterlockedExchange
InterlockedIncrement
GetSystemTimeAsFileTime
LeaveCriticalSection
HeapFree
InterlockedDecrement
CreateFileMappingA
WriteFile
GetProcessHeap
GlobalAlloc
UnmapViewOfFile
ReleaseMutex
CreateDirectoryA
DeleteFileA
GetLastError
CreateMutexA
VirtualQuery
VirtualFree

ole32

CreatePointerMoniker
OleGetAutoConvert
CreateDataAdviseHolder
CoRegisterMessageFilter
OleQueryCreateFromData
CoTaskMemRealloc
FreePropVariantArray
OleSetContainedObject
StgIsStorageILockBytes
StgOpenStorageOnILockBytes
SetConvertStg
OleInitialize
ReadFmtUserTypeStg
GetHGlobalFromILockBytes
CoCreateFreeThreadedMarshaler
GetHGlobalFromStream
CoAllowSetForegroundWindow
CreateAntiMoniker
OleCreateLink
OleCreateLinkToFile
OleRegEnumVerbs
OleDoAutoConvert
CoAddRefServerProcess
CoGetMalloc
OleTranslateAccelerator
CoDisableCallCancellation
OleDestroyMenuDescriptor
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize

user32

DrawIconEx
GetDCEx
GetWindowLongW
MonitorFromRect
SendMessageTimeoutW
DrawEdge
GetWindowTextLengthW
CharToOemBuffA
DefDlgProcW
IsIconic
ValidateRect
IsCharAlphaNumericA
CharUpperA
IsCharAlphaNumericW
InSendMessage
ToAsciiEx
LoadMenuW
GetCaretPos
EndTask
SetWindowPos
SetParent
DestroyAcceleratorTable
FillRect
DrawMenuBar
MapVirtualKeyExW
ShowOwnedPopups
SetCapture
CopyRect
CharUpperW
InsertMenuW
SetScrollPos
DrawIcon
LoadImageW
wvsprintfA
InsertMenuItemW
IsDlgButtonChecked
GetMonitorInfoW
GetCaretBlinkTime
RegisterWindowMessageA
DefFrameProcA
GetClassInfoExA
CreateDialogIndirectParamA
GetPropA
TrackPopupMenuEx
ReuseDDElParam
CharToOemW
DefWindowProcW
WaitForInputIdle
IsWindow
RedrawWindow
UnregisterClassA
GetWindowWord
SendNotifyMessageW
ChildWindowFromPointEx
DialogBoxParamW
ClientToScreen
GetUserObjectInformationW
GetScrollInfo
ChangeDisplaySettingsW
SetMessageQueue
SetProcessDefaultLayout
ShowWindowAsync
CallMsgFilterW
GetParent
SetRectEmpty
VkKeyScanA
SetMenuDefaultItem
ScrollDC
GetScrollPos
PostMessageA
DrawTextA
LoadStringA
GetMenuItemInfoW
SetFocus
TrackMouseEvent
GetClassInfoExW
InsertMenuItemA
GetTabbedTextExtentA
PostThreadMessageA
FrameRect
LoadIconW
GetClassInfoW
GetWindowTextW
LoadBitmapA
CreateWindowExA
GetMenuState
KillTimer
LoadAcceleratorsA
FindWindowExA
RemovePropW
ReleaseCapture
DefDlgProcA
AppendMenuA
SetProcessWindowStation
EndDialog
CheckMenuItem
WinHelpA
GetMessageTime
SetClassLongA
SetThreadDesktop
CreateAcceleratorTableW
LoadIconA
CallWindowProcW
CallWindowProcA
CopyAcceleratorTableW
DrawTextExA
UnregisterClassW
MapVirtualKeyW
SetDlgItemTextA
SetActiveWindow
SetClassLongW
GetClassNameA
PeekMessageA
DispatchMessageA
SendMessageA
FindWindowA
UnhookWindowsHookEx
CallNextHookEx
GetWindowThreadProcessId
SetWindowsHookExA
GetMessageA
ChangeDisplaySettingsA

shlwapi

PathUnquoteSpacesW
StrStrA
PathIsDirectoryW
SHRegGetUSValueW
PathGetDriveNumberW
UrlCombineW
UrlCanonicalizeW
SHGetValueW
PathFindNextComponentW
StrCatBuffW
PathStripToRootW
StrStrIA
StrFormatKBSizeW
StrNCatW
PathRemoveBackslashW
StrCmpW
StrCmpIW
PathAddBackslashW
SHSetValueA
StrTrimW
PathStripPathW
PathFindExtensionW
PathGetCharTypeW
SHGetValueA
StrCmpNW
PathIsUNCServerW
PathCompactPathW
PathFileExistsW
PathFindFileNameW
PathAppendA
PathSkipRootW
StrToIntA
StrCatW
StrStrIW
UrlGetPartW
wvnsprintfW
StrDupW
UrlUnescapeW
SHDeleteKeyA

gdi32

CreateRectRgnIndirect
CloseFigure
CreateDCW
GetObjectW
SetMetaFileBitsEx
PolyPolyline
SwapBuffers
CreateScalableFontResourceA
GetBitmapDimensionEx
ResizePalette
CreateHatchBrush
GetTextFaceW
SetBkColor
GetTextExtentExPointW
ExtFloodFill
GetEnhMetaFileHeader
SetMapMode
CreateHalftonePalette
GetMetaFileBitsEx
SetWindowExtEx
GetWindowOrgEx
GetObjectA
SetMapperFlags
RealizePalette
EqualRgn
Ellipse
GetCharWidthA
GetStretchBltMode
GetRandomRgn
GetFontResourceInfoW
GetTextCharsetInfo
EnumFontFamiliesW
GetEnhMetaFileBits
EnumFontFamiliesExA
ExtEscape
GetBkColor
CreateCompatibleDC
GetLayout
GetBkMode
SetTextAlign
PlayEnhMetaFileRecord
GetTextFaceA
StretchBlt
RoundRect
PolyBezierTo
SetPixel
CreatePalette
GetOutlineTextMetricsA
TranslateCharsetInfo
GetCharABCWidthsA
SetViewportOrgEx
SelectPalette
SetStretchBltMode
GetWindowExtEx
GetTextMetricsA
GetPaletteEntries
PlayEnhMetaFile
GetDCOrgEx
RemoveFontResourceW
GetTextColor
Polygon
GetROP2
CreateDIBitmap
SetBitmapDimensionEx
CreateICW
GetViewportExtEx
SetPolyFillMode
CopyMetaFileA
GetTextExtentPoint32W
GetRegionData
SetBkMode
SetDCBrushColor
GetMapMode
CreatePen
EndPath
CreatePolygonRgn
SetTextColor
GetNearestColor
GetPixelFormat
GetTextExtentPointW
BitBlt
ExtCreateRegion
GetGlyphOutlineW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04f84a70edb5dd305088dcc0670b9835

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB