0f5b0a382e8160355fa09e895aeefacb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f5b0a382e8160355fa09e895aeefacb_JaffaCakes118
Size

283KB
MD5

0f5b0a382e8160355fa09e895aeefacb
SHA1

84ab7dd82642b18eee99d2521ab792f99df17b7d
SHA256

4cf3b493059806f6329a3cf1af7bca4519096f2085af0acb7172641e64ff4e53
SHA512

16939681161a679a5150a1d641720967c56f54d1d6716acedb4da2c5cb54f9b793050b95246b37c6d9c4fe698665106945aff8c65e27bd35c8c7d2f45591f4cb
SSDEEP

3072:XZ+uvE6Dx/stuJbTqwBiUJI3vJqJA7siI0I/SUL179Hyc1W:XVzEc4wBDJI3hqm7siI0I5U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f5b0a382e8160355fa09e895aeefacb_JaffaCakes118

Files

0f5b0a382e8160355fa09e895aeefacb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6334c9db07884d5414d57903fc441b3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DefineDosDeviceW
DeleteFileW
DeleteTimerQueueTimer
EnumDateFormatsExW
EnumResourceLanguagesW
EnumUILanguagesA
ExitProcess
ExpandEnvironmentStringsW
lstrcpynW
lstrcpyW
lstrcmpi
lstrcmpA
_lcreat
_hwrite
_hread
WriteTapemark
WritePrivateProfileStructW
WritePrivateProfileSectionA
VirtualFreeEx
VerSetConditionMask
UpdateResourceW
TlsGetValue
SignalObjectAndWait
SetWaitableTimer
SetTimerQueueTimer
SetThreadPriority
SetThreadExecutionState
SetLocaleInfoW
SetHandleCount
SetFilePointer
SetConsoleScreenBufferSize
SetComputerNameExW
SetComputerNameExA
SetCalendarInfoW
SearchPathW
ScrollConsoleScreenBufferW
ResetEvent
RequestWakeupLatency
OutputDebugStringA
OpenSemaphoreA
OpenJobObjectA
MoveFileW
LockFile
LoadLibraryExA
IsSystemResumeAutomatic
IsBadCodePtr
InterlockedExchange
InterlockedCompareExchange
GlobalUnfix
GlobalAddAtomW
GetWindowsDirectoryW
GetVolumeInformationW
GetVersionExW
GetVersion
GetUserDefaultUILanguage
GetUserDefaultLCID
GetThreadPriorityBoost
GetTempPathW
GetStringTypeW
GetStartupInfoW
GetProfileSectionW
GetProcessTimes
GetPrivateProfileStringA
GetPrivateProfileIntA
GetNumberOfConsoleMouseButtons
GetLongPathNameW
GetLocalTime
GetFullPathNameW
GetDriveTypeW
GetDiskFreeSpaceExA
GetDefaultCommConfigA
GetConsoleDisplayMode
GetConsoleAliasesW
GetConsoleAliasesA
GetConsoleAliasW
GetCompressedFileSizeW
GetCommProperties
GetBinaryTypeA
FlushConsoleInputBuffer
DefineDosDeviceA
CreateWaitableTimerW
CreateWaitableTimerA
CreateTapePartition
CreateMutexW
CreateFileW
CreateIoCompletionPort
CreateHardLinkW
CreateConsoleScreenBuffer
CopyFileW
ConvertDefaultLocale
ContinueDebugEvent
CancelTimerQueueTimer
BuildCommDCBW
BindIoCompletionCallback
AreFileApisANSI
VirtualAllocEx
FindFirstChangeNotificationW

user32

BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
CreateWindowExA

gdi32

DeviceCapabilitiesExW
XLATEOBJ_cGetPalette
SetViewportOrgEx
SetTextCharacterExtra
SetTextAlign
SetSystemPaletteUse
SetPolyFillMode
SetPixelV
SetPixelFormat
SetMapperFlags
SetFontEnumeration
SetEnhMetaFileBits
SetBrushOrgEx
SelectClipRgn
ScaleViewportExtEx
RemoveFontResourceExW
PtVisible
PolyTextOutW
PolyPolyline
PolyDraw
PolyBezier
PlayEnhMetaFileRecord
PATHOBJ_vEnumStart
OffsetRgn
LineTo
LPtoDP
InvertRgn
HT_Get8BPPFormatPalette
GetStretchBltMode
GetROP2
GetPolyFillMode
GetObjectA
GetMiterLimit
GetMapMode
GetFontUnicodeRanges
GetFontLanguageInfo
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileDescriptionW
GetEnhMetaFileDescriptionA
GetColorAdjustment
GetCharWidthA
GetBoundsRect
GdiSwapBuffers
GdiSetServerAttr
GdiSetBatchLimit
GdiPlayJournal
GdiPlayDCScript
GdiInitializeLanguagePack
GdiGetPageHandle
GdiGetBatchLimit
GdiEntry2
GdiEntry11
GdiCreateLocalEnhMetaFile
GdiConvertMetaFilePict
GdiConvertEnhMetaFile
GdiComment
FrameRgn
FONTOBJ_pxoGetXform
FONTOBJ_cGetGlyphs
EudcLoadLinkW
EnumEnhMetaFile
EngTextOut
EngReleaseSemaphore
EngQueryLocalTime
EngGradientFill
EngGetDriverName
EngFindResource
EngDeletePath
EngCreatePalette
EngCreateDeviceSurface
EngCreateDeviceBitmap
EngCreateClip
EngCheckAbort
EngAcquireSemaphore
EndDoc
EnableEUDC
CopyEnhMetaFileW
DeleteColorSpace
AnimatePalette
CLIPOBJ_ppoGetPath
CloseEnhMetaFile
DPtoLP
CopyMetaFileW
CreateCompatibleDC
CreateDCW
CreateDIBitmap
CreateDiscardableBitmap
CreateFontIndirectExA
CreateICW
CreatePolyPolygonRgn
CreatePolygonRgn

comdlg32

PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
PrintDlgA
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
PrintDlgExA
CommDlgExtendedError
FindTextA

advapi32

RegOpenKeyW
RegOpenKeyExW

ole32

WriteFmtUserTypeStg
UtConvertDvtd32toDvtd16
StringFromIID
StringFromCLSID
StgSetTimes
StgPropertyLengthAsVariant
StgOpenAsyncDocfileOnIFillLockBytes
StgGetIFillLockBytesOnILockBytes
StgCreatePropStg
SetDocumentBitStg
STGMEDIUM_UserUnmarshal
STGMEDIUM_UserFree
SNB_UserSize
PropVariantClear
PropStgNameToFmtId
OleTranslateAccelerator
OleSetClipboard
OleSetAutoConvert
OleSaveToStream
OleSave
OleRun
OleRegGetUserType
OleRegEnumVerbs
OleQueryCreateFromData
OleIsCurrentClipboard
OleInitializeWOW
OleCreateMenuDescriptor
OleCreateLinkToFileEx
OleCreateLinkToFile
OleCreateLinkEx
OleCreateFromFile
OleCreateFromDataEx
OleCreateEmbeddingHelper
OleCreateDefaultHandler
OleCreate
OleConvertOLESTREAMToIStorageEx
HWND_UserMarshal
HWND_UserFree
HPALETTE_UserUnmarshal
HPALETTE_UserMarshal
HMETAFILE_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserFree
HMENU_UserMarshal
HMENU_UserFree
HICON_UserMarshal
HGLOBAL_UserSize
HGLOBAL_UserMarshal
HENHMETAFILE_UserSize
HDC_UserUnmarshal
HDC_UserSize
GetRunningObjectTable
GetHookInterface
FreePropVariantArray
EnableHookObject
DoDragDrop
CreateOleAdviseHolder
CreateObjrefMoniker
CreateItemMoniker
CreateGenericComposite
CreateDataCache
CreateAntiMoniker
CoSwitchCallContext
CoSuspendClassObjects
CoSetProxyBlanket
CoSetCancelObject
CoRevokeClassObject
CoResumeClassObjects
CoRegisterSurrogate
CoRegisterPSClsid
CoRegisterMallocSpy
CoReactivateObject
CoIsOle1Class
CoInitialize
CoGetInterfaceAndReleaseStream
CoGetClassVersion
CoGetCallerTID
CoFreeLibrary
CoFreeAllLibraries
CoDisconnectObject
CoCreateInstanceEx
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoCopyProxy
CoBuildVersion
CLSIDFromString

msvcrt

wprintf
tmpfile
time
tanh
swscanf
strtoul
strchr
sscanf
signal
setlocale
rand
printf
labs
iswxdigit
iswprint
isleadbyte
gmtime
getenv
getc
freopen
fputws
fputs
fgetwc
ferror
ctime
atof
atexit
acos
_yn
_wtoi64
_wtmpnam
_wtempnam
_wsystem
_wstrtime
_wstati64
_wpgmptr
_wperror
_wmktemp
_wgetdcwd
_wfreopen
_wfdopen
_wenviron
_wcsncoll
_wcsdup
_wcmdln
_waccess
_unlock
_timezone
_tell
_sys_errlist
_strtime
_strdup
_stat
_spawnlp
_spawnl
_onexit
_mbsspnp
_mbsninc
_mbsnicmp
_mbsnbcmp
_ltow
_itoa
_ismbcalnum
_ismbbpunct
_ismbbgraph
_initterm
_gmtime64
_ftime64
_fsopen
_findnexti64
_findfirsti64
_findfirst
_filbuf
_fdopen
_execl
_environ
_clearfp
_cexit
_beginthreadex
_atoi64
_adj_fdivr_m32i
_adj_fdivr_m32
__unDNameEx
__p__pctype
__p__dstbias
__p__amblksiz
__p___argc
__argv
_CIatan
_EH_prolog
_Getdays
_XcptFilter
__RTDynamicCast
__RTtypeid

Sections

.text
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6334c9db07884d5414d57903fc441b3c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

msvcrt

Sections

.text Size: 266KB - Virtual size: 266KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 680B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 266KB - Virtual size: 266KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 680B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 2KB