0d676aac815f7d0f87af0ea1c7c1d29a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d676aac815f7d0f87af0ea1c7c1d29a_JaffaCakes118
Size

1.9MB
MD5

0d676aac815f7d0f87af0ea1c7c1d29a
SHA1

31d0271792fc927248f886874efb2a4761a5da05
SHA256

74131655efeff791965a731b0baeb77c9150653164aec1418aee5d5abab89ae2
SHA512

8b0b2dbbe898f31415345032a7fa57649db12eb6762db0d6f09a9dd850a64daaaa4456f6fc73f57b92a8b7fcc80848c902ecca641da1a30f2139f438f70c6103
SSDEEP

24576:/cOCsSo2BkpxfSuZhUGvtkC/UbpMtkC/UbpEtscJ2/a7L6pzFWaq:Ec72UVZbIb+IbqtvQ/anwzFHq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d676aac815f7d0f87af0ea1c7c1d29a_JaffaCakes118

Files

0d676aac815f7d0f87af0ea1c7c1d29a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

ced3a6fd1d435ad0c19f5d1a5ce88349

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DVDMaker.pdb

Imports

advapi32

GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
TraceEvent
DeregisterEventSource
ReportEventW
RegDeleteKeyW
RegisterEventSourceW
RegQueryValueExW

kernel32

GetCommandLineW
HeapSetInformation
SetErrorMode
Sleep
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryW
GetUserDefaultUILanguage
GetUserDefaultLCID
InterlockedDecrement
lstrlenW
InterlockedIncrement
GetProcAddress
GetModuleHandleW
lstrcmpiW
LocalFree
FormatMessageW
FlushInstructionCache
GetCurrentProcess
LocalAlloc
CreateMutexW
GetFileAttributesW
CreateFileW
CloseHandle
DeleteFileW
CreateThread
FindNextFileW
GetLocaleInfoW
CompareStringOrdinal
EnumResourceLanguagesW
GetVersionExW
LockResource
ExpandEnvironmentStringsW
GlobalFree
ReleaseMutex
FindFirstFileW
GetFullPathNameW
FindClose
OutputDebugStringA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapSize
HeapReAlloc
HeapDestroy
HeapFree
lstrlenA
CompareStringW
InterlockedExchange
DeleteCriticalSection
GetVersion
WideCharToMultiByte
GetVersionExA
lstrcmpW
MulDiv
GetModuleFileNameW
RaiseException
FindResourceExW
CreateIoCompletionPort
ReadDirectoryChangesW
GetQueuedCompletionStatus
GetShortPathNameW
FreeResource
GetVolumeNameForVolumeMountPointW
FindFirstVolumeW
FindNextVolumeW
GetVolumePathNamesForVolumeNameW
FindVolumeClose
EnumUILanguagesW
GetDateFormatW
GetWindowsDirectoryW
CreateEventW
SetEvent
WaitForSingleObject
GetACP
EnterCriticalSection
GetLastError
GetCurrentThreadId
SetLastError
InitializeCriticalSection
LeaveCriticalSection

gdi32

SetBkColor
SetBrushOrgEx
SetTextColor
SetBkMode
CreateFontIndirectW
PatBlt
CreateDIBSection
GetTextMetricsW
GetTextExtentPoint32W
AddFontResourceW
CreateBitmap
EnumFontFamiliesExW
CreatePatternBrush
GetCurrentObject
GetObjectA
GetStockObject
GetObjectW
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
GetDeviceCaps

user32

IsWindowUnicode
DrawTextA
MapDialogRect
CreateDialogIndirectParamW
SendMessageA
GetClassNameA
GetWindowLongA
InsertMenuW
EndDialog
SetDlgItemTextW
RegisterClipboardFormatW
FlashWindow
FindWindowW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
IsWindow
SendMessageW
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
GetWindowLongW
SetWindowLongW
CharNextW
UnregisterClassA
CharLowerW
CharUpperW
ShowWindow
LockSetForegroundWindow
SystemParametersInfoW
GetWindowRect
GetWindowPlacement
MapWindowPoints
LoadIconW
LoadBitmapW
CreateDialogParamW
MessageBoxW
SetProcessDefaultLayout
PostMessageW
UpdateWindow
TranslateAcceleratorW
LoadMenuW
DestroyMenu
LockWindowUpdate
LoadImageW
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
GetMonitorInfoW
MonitorFromPoint
TrackPopupMenuEx
ModifyMenuW
LoadAcceleratorsW
GetSubMenu
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
IsMenu
SetForegroundWindow
GetSystemMetrics
IsWindowVisible
IsWindowEnabled
GetWindowThreadProcessId
GetActiveWindow
GetMenuItemID
DrawTextW
DrawFrameControl
DrawEdge
FrameRect
MessageBeep
WindowFromPoint
GetMessagePos
GetWindowDC
GetSysColorBrush
SetRectEmpty
InflateRect
GetKeyState
OffsetRect
PtInRect
CloseClipboard
GetClipboardData
OpenClipboard
SetTimer
KillTimer
SetCursor
EnableMenuItem
GetDlgCtrlID
DrawFocusRect
GetCursorPos
GetCapture
DrawTextExW
EnableWindow
DialogBoxParamW

msvcrt

__dllonexit
_unlock
_errno
realloc
_except_handler4_common
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
wcscpy_s
memmove_s
wcscat_s
_stricmp
_wsplitpath_s
memcpy
_wtof
wcstoul
fclose
fread
_wfopen
_wcslwr_s
_wtoi64
swprintf_s
??2@YAPAXI@Z
wcsncpy_s
malloc
??_U@YAPAXI@Z
memset
memcpy_s
_CxxThrowException
free
_onexit
_controlfp
??_V@YAXPAX@Z
wcstol
_ftol2
_wcsicmp
_vsnwprintf
iswspace
qsort
wcscoll
_ftol2_sse
wcsstr
_purecall
wcsrchr
__CxxFrameHandler3
??3@YAXPAX@Z
wcspbrk
_lock

shell32

SHCreateItemFromParsingName
SHGetFolderPathW
SHGetSpecialFolderLocation
DragQueryFileW
SHCreateShellItem
CommandLineToArgvW
SHCreateQueryCancelAutoPlayMoniker
ShellExecuteW
DragFinish
DragQueryPoint
SHGetPathFromIDListW
SHBrowseForFolderW
ord155
ord190

ole32

CoTaskMemRealloc
CoResumeClassObjects
CoRevokeClassObject
CoRegisterClassObject
ReleaseStgMedium
CoInitializeEx
CoUninitialize
RegisterDragDrop
RevokeDragDrop
GetRunningObjectTable
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

oleaut32

SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
VarBstrCmp
SysStringByteLen
VarUI4FromStr
SysAllocString
SysStringLen
SysFreeString

omdproject

OmdGetClassObject

comdlg32

ChooseColorW
GetSaveFileNameW
GetOpenFileNameW

shlwapi

SHAutoComplete
PathFindExtensionW
PathFileExistsW
PathAppendW
PathFindFileNameW

gdiplus

GdipBitmapLockBits
GdipImageRotateFlip
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawImageI
GdipSetCompositingMode
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDrawImageRect
GdipGetFamily
GdipGetFamilyName
GdipDrawString
GdipFillRectangle
GdipSetTextRenderingHint
GdipSetStringFormatFlags
GdipCreateFont
GdipDeleteFontFamily
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipDeleteGraphics
GdipDeleteFont
GdipCreateFromHDC
GdipGraphicsClear
GdipCreateFontFromLogfontA
GdipFree
GdipAlloc
GdipDeleteMatrix
GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipCreatePath
GdipDeletePath
GdipSetPathGradientCenterColor
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterPoint
GdipCreateMatrix
GdipTranslateMatrix
GdipScaleMatrix
GdipSetPenMode
GdipClosePathFigure
GdipGetPathLastPoint
GdipAddPathLine
ord1
GdipAddPathRectangle
GdipAddPathEllipse
GdipTransformPath
GdipCreatePathGradientFromPath
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetWorldTransform
GdipDrawPath
GdipFillPath
GdipCloneBrush
GdipCreateHBITMAPFromBitmap
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipFillRectangleI
GdipCreateStringFormat
GdipCreateFontFromDC
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeleteStringFormat

d3d9

Direct3DCreate9Ex
Direct3DCreate9

uxtheme

SetWindowTheme

slc

SLGetWindowsInformationDWORD

wmvcore

WMCreateSyncReader

Exports

Exports

??0CtrlContainerFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z
??0CtrlFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z
??0FrameEqualizer@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@@Z
??0GroupBoxFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z
??0GroupBoxFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z
??0HorizFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAVCompositeFrame@1@@Z
??0IMsoAutoLayoutDialog@DlgAutoLayout@@IAE@XZ
??0ListEditFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z
??0MsoWCtrlContainerFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z
??0MsoWCtrlFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z
??0MsoWFrameEqualizer@@QAE@AAVIMsoWAutoLayoutDialog@@@Z
??0MsoWGroupBoxFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GGPAVMsoWCompositeFrame@@@Z
??0MsoWGroupBoxFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z
??0MsoWHorizFrame@@QAE@AAVIMsoWAutoLayoutDialog@@PAVMsoWCompositeFrame@@@Z
??0MsoWListEditFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GGPAVMsoWCompositeFrame@@@Z
??0MsoWNumInputFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GGPAVMsoWCompositeFrame@@@Z
??0MsoWOverlapFrame@@QAE@AAVIMsoWAutoLayoutDialog@@PAVMsoWCompositeFrame@@@Z
??0MsoWTabCtrlFrame@@QAE@AAVIMsoWAutoLayoutDialog@@GPAVMsoWCompositeFrame@@@Z
??0MsoWTableFrame@@QAE@AAVIMsoWAutoLayoutDialog@@HHPAVMsoWCompositeFrame@@@Z
??0MsoWVertFrame@@QAE@AAVIMsoWAutoLayoutDialog@@PAVMsoWCompositeFrame@@@Z
??0NumInputFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z
??0NumInputFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z
??0OverlapFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAVCompositeFrame@1@@Z
??0TabCtrlFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAX1PAVCompositeFrame@1@@Z
??0TabCtrlFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAXPAVCompositeFrame@1@@Z
??0TableFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@HHPAVCompositeFrame@1@@Z
??0VertFrame@DlgAutoLayout@@QAE@AAVIMsoAutoLayoutDialog@1@PAVCompositeFrame@1@@Z
??1IMsoAutoLayoutDialog@DlgAutoLayout@@MAE@XZ
_MsoDALCheckBoxBMHeight@0
_MsoDALCheckBoxBMWidth@0
_MsoDALCheckBoxBMWidthPlusMargin@4
_MsoDALDestructFrames@4
_MsoDALEditStrHeightPix@4
_MsoDALFDlgIsValid@4
_MsoDALGroupBoxNoLabelTopAdjustPix@4
_MsoDALMarkDlgInvalid@4
_MsoDALSuspendFrameDestruction@4
_MsoDUToPix@12
_MsoDestroyIMsoWAutoLayoutDialog@4
_MsoFCreateIMsoWAutoLayoutDialog@12
_MsoPixToDU@12
_MsoWIsAutoLayoutEnabled@8
_MsoWTabCtrlIndexToHwnd@8

Sections

.text
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ced3a6fd1d435ad0c19f5d1a5ce88349

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

msvcrt

shell32

ole32

oleaut32

omdproject

comdlg32

shlwapi

gdiplus

d3d9

uxtheme

slc

wmvcore

Exports

Exports

Sections

.text Size: 383KB - Virtual size: 383KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 26KB - Virtual size: 46KB

.text
Size: 383KB - Virtual size: 383KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 26KB - Virtual size: 46KB