Static task: static1
Behavioral task: behavioral1
Sample: 124901c37d0e5210785eb6f88bf22c30_JaffaCakes118.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 124901c37d0e5210785eb6f88bf22c30_JaffaCakes118.dll
Resource: win10v2004-20240802-en
General
Target: 124901c37d0e5210785eb6f88bf22c30_JaffaCakes118
Size: 881KB
MD5: 124901c37d0e5210785eb6f88bf22c30
SHA1: 53d9e56d3eb0e05f243e87d51e61ee6f23e584e9
SHA256: 1c36533a858ae8f289687ca0b799365c6d17214f932b4e627ea3f46847946c07
SHA512: 8c2ac3941e545ca3b937dffdea4b935d9bb88e2f1b31421040c9d4e0d63a08de11d5dc09596bc4ec513078d2f5b6f83a8d0c08ad98d23fa5a9f87d4ba0e0e484
SSDEEP: 24576:5aevKw/n3Y9zzbvv+pPfUWiRljd0QL7AGn/y:5bvKw/ItvvExiRlmK75n/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 124901c37d0e5210785eb6f88bf22c30_JaffaCakes118
Files
124901c37d0e5210785eb6f88bf22c30_JaffaCakes118.dll windows:5 windows x86 arch:x86
f6e3f1dc0ff63055642549cf5c768688
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CopyFileW
VirtualFree
GlobalMemoryStatusEx
HeapAlloc
GetACP
InterlockedExchange
GetConsoleCP
WaitForSingleObject
MoveFileW
SetFilePointerEx
LCMapStringW
HeapFree
GetTimeFormatW
TlsAlloc
IsDebuggerPresent
SetEvent
HeapCreate
LoadLibraryW
SetErrorMode
UnhandledExceptionFilter
DeleteCriticalSection
GetDriveTypeW
GetTickCount
WritePrivateProfileStringW
GetWindowsDirectoryW
WritePrivateProfileSectionW
CreateFileW
HeapReAlloc
DuplicateHandle
GlobalFree
GetFileType
GetProcessIoCounters
GetShortPathNameW
RtlUnwind
WriteProcessMemory
GetExitCodeProcess
ReadProcessMemory
OutputDebugStringW
GlobalAlloc
IsValidCodePage
Sleep
SetHandleCount
ResumeThread
WriteConsoleW
GetComputerNameW
EnterCriticalSection
MulDiv
LoadLibraryA
FileTimeToSystemTime
GetSystemInfo
GetStdHandle
QueryPerformanceFrequency
GetSystemTimeAsFileTime
CreateProcessW
ExitProcess
GetModuleHandleW
GetStringTypeW
DeleteFileW
Process32FirstW
SetCurrentDirectoryW
GetCPInfo
HeapSize
FreeEnvironmentStringsW
FlushFileBuffers
GetCurrentDirectoryW
SetFileAttributesW
GetPrivateProfileSectionW
SystemTimeToFileTime
GetProcAddress
LoadResource
GetEnvironmentStringsW
GetLastError
GetEnvironmentVariableW
HeapDestroy
GetModuleHandleA
LoadLibraryExA
VirtualProtect
LockResource
RaiseException
SetFilePointer
CloseHandle
CreateDirectoryW
GetFileAttributesW
TlsGetValue
SetStdHandle
IsProcessorFeaturePresent
EnumResourceNamesW
TlsFree
FreeLibrary
GetFileSize
WideCharToMultiByte
GetConsoleMode
GetDiskFreeSpaceExW
lstrcmpiW
SetFileTime
DeviceIoControl
GetProcessHeap
VirtualAllocEx
CreateToolhelp32Snapshot
GetTimeZoneInformation
LeaveCriticalSection
GetDateFormatW
FileTimeToLocalFileTime
GetPrivateProfileSectionNamesW
SetEndOfFile
TlsSetValue
GetDiskFreeSpaceW
lstrlenW
GlobalLock
SetLastError
ReadFile
SizeofResource
FindFirstFileW
GetVolumeInformationW
SetEnvironmentVariableA
LocalFileTimeToFileTime
GetCurrentProcess
TerminateThread
VirtualFreeEx
SetEnvironmentVariableW
QueryPerformanceCounter
TerminateProcess
CreatePipe
VirtualAlloc
GetTempPathW
GetLocalTime
WriteFile
FindClose
OpenProcess
GetOEMCP
GetCurrentThread
CompareStringW
InterlockedDecrement
CreateThread
GetModuleFileNameW
GetTempFileNameW
InitializeCriticalSectionAndSpinCount
FindResourceW
ExitThread
GetFullPathNameW
FindNextFileW
lstrcpyW
GetCurrentThreadId
SetPriorityClass
GetPrivateProfileStringW
Process32NextW
GetCurrentProcessId
RemoveDirectoryW
SetUnhandledExceptionFilter
FormatMessageW
CreateHardLinkW
GlobalUnlock
GetCommandLineW
Beep
GetStartupInfoW
SetVolumeLabelW
GetSystemDirectoryW
LoadLibraryExW
MultiByteToWideChar
InterlockedIncrement
GetVersionExW
CreateEventW
user32
IsMenu
GetMessageW
SystemParametersInfoA
WindowFromPoint
MonitorFromPoint
IsIconic
CharLowerBuffA
TranslateAcceleratorA
SendMessageTimeoutA
BeginPaint
GetWindowRect
CopyRect
FlashWindow
GetWindowThreadProcessId
DestroyIcon
EmptyClipboard
wsprintfA
DrawFocusRect
GetClientRect
GetSubMenu
GetProcessWindowStation
CountClipboardFormats
GetAsyncKeyState
GetForegroundWindow
GetMenuItemID
GetWindowTextW
FindWindowW
GetMenuStringA
TranslateMessage
GetCursorPos
SendInput
SendDlgItemMessageA
IsDialogMessageA
LockWindowUpdate
ClientToScreen
ReleaseCapture
LoadCursorW
SetMenuItemInfoA
CloseDesktop
SetProcessWindowStation
AdjustWindowRectEx
LoadIconW
MessageBoxA
DestroyAcceleratorTable
VkKeyScanW
DestroyWindow
CreateAcceleratorTableA
IsZoomed
GetMenu
InsertMenuItemA
SetForegroundWindow
CharUpperBuffA
PostQuitMessage
CloseClipboard
MoveWindow
GetWindowDC
LoadImageA
SetWindowTextA
PostMessageA
SetClipboardData
SetKeyboardState
KillTimer
OpenDesktopA
EnumChildWindows
DispatchMessageA
DialogBoxParamA
GetDC
CreateMenu
IsCharAlphaNumericA
MessageBeep
CheckMenuRadioItem
GetKeyboardState
FindWindowExA
SetLayeredWindowAttributes
FrameRect
RegisterClassExA
IsWindowEnabled
DefWindowProcA
mouse_event
MonitorFromRect
IsClipboardFormatAvailable
SetMenu
SetUserObjectSecurity
IsWindowVisible
SetFocus
ScreenToClient
EnableWindow
CreateIconFromResourceEx
RegisterHotKey
SetTimer
DrawFrameControl
GetClipboardData
CreateWindowExA
DefDlgProcA
GetParent
SetActiveWindow
DestroyMenu
ReleaseDC
FillRect
SetCapture
IsCharAlphaA
GetWindowTextLengthA
CreatePopupMenu
GetClassLongA
GetDesktopWindow
CharNextA
GetCaretPos
GetDlgCtrlID
SendMessageA
RedrawWindow
DrawTextA
GetSysColor
BlockInput
AttachThreadInput
DeleteMenu
GetFocus
GetWindowLongW
SetWindowPos
GetMonitorInfoW
ExitWindowsEx
EndPaint
InflateRect
GetDlgItem
GetUserObjectSecurity
SetCursor
DrawMenuBar
GetCursorInfo
OpenClipboard
PtInRect
PeekMessageA
MapVirtualKeyA
IsDlgButtonChecked
EnumThreadWindows
SetMenuDefaultItem
IsWindow
GetKeyboardLayoutNameA
GetKeyState
GetMenuItemCount
keybd_event
InvalidateRect
EnumWindows
EndDialog
GetSystemMetrics
GetClassNameA
SetWindowLongW
TrackPopupMenuEx
UnregisterHotKey
IsCharLowerA
CopyImage
CloseWindowStation
LoadStringW
IsCharUpperA
GetMenuItemInfoA
RegisterWindowMessageA
gdi32
Ellipse
StrokePath
GetDIBits
ExtCreatePen
GetPixel
SetTextColor
SetPixel
CreatePen
GetDeviceCaps
GetTextExtentPoint32W
CreateFontW
EndPath
DeleteObject
CreateCompatibleBitmap
PolyDraw
CreateCompatibleDC
GetTextFaceW
SetViewportOrgEx
CreateSolidBrush
BeginPath
CloseFigure
CreateDCW
MoveToEx
GetStockObject
StretchBlt
RoundRect
SelectObject
AngleArc
StrokeAndFillPath
Rectangle
SetBkMode
GetObjectW
LineTo
DeleteDC
SetBkColor
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
GetAce
InitiateSystemShutdownExW
DuplicateTokenEx
RegCreateKeyExW
RegQueryValueExW
OpenThreadToken
RegCloseKey
LookupPrivilegeValueW
GetTokenInformation
CopySid
GetLengthSid
UnlockServiceDatabase
RegDeleteValueW
GetSecurityDescriptorDacl
RegDeleteKeyW
RegOpenKeyExW
LockServiceDatabase
AdjustTokenPrivileges
AddAce
GetUserNameW
CreateProcessAsUserW
RegConnectRegistryW
InitializeSecurityDescriptor
RegSetValueExW
SetSecurityDescriptorDacl
RegEnumKeyExW
CreateProcessWithLogonW
LogonUserW
RegEnumValueW
GetAclInformation
InitializeAcl
OpenSCManagerW
CloseServiceHandle
shell32
SHGetFolderPathW
ExtractIconExW
SHEmptyRecycleBinW
SHGetMalloc
SHGetPathFromIDListW
DragFinish
ShellExecuteW
ShellExecuteExW
Shell_NotifyIconW
DragQueryPoint
SHBrowseForFolderW
DragQueryFileW
SHFileOperationW
SHGetDesktopFolder
ole32
OleSetContainedObject
CoCreateInstance
IIDFromString
StringFromGUID2
CoUninitialize
CreateBindCtx
OleSetMenuDescriptor
OleInitialize
CoCreateInstanceEx
CoInitializeSecurity
CoTaskMemAlloc
CoSetProxyBlanket
CoInitialize
CoTaskMemFree
CreateStreamOnHGlobal
ProgIDFromCLSID
OleUninitialize
MkParseDisplayName
CLSIDFromString
CLSIDFromProgID
oleaut32
VariantCopy
CreateDispTypeInfo
SafeArrayUnaccessData
SafeArrayAllocDescriptorEx
VariantCopyInd
VariantTimeToSystemTime
QueryPathOfRegTypeLi
GetActiveObject
OleLoadPicture
VarR8FromDec
SafeArrayAccessData
SafeArrayCreateVector
VariantChangeType
VariantClear
SysStringLen
DispCallFunc
SysAllocString
SysFreeString
VariantInit
CreateStdDispatch
SafeArrayGetVartype
SafeArrayDestroyDescriptor
SafeArrayAllocData
OACreateTypeLib2
comctl32
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragMove
ImageList_ReplaceIcon
ImageList_Remove
ImageList_EndDrag
ImageList_Destroy
ImageList_BeginDrag
ImageList_SetDragCursorImage
InitCommonControlsEx
ImageList_Create
winmm
timeGetTime
mciSendStringW
waveOutSetVolume
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
wininet
InternetConnectW
InternetOpenUrlW
InternetQueryOptionW
HttpSendRequestW
HttpOpenRequestW
InternetQueryDataAvailable
FtpGetFileSize
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
FtpOpenFileW
InternetCrackUrlW
InternetOpenW
InternetSetOptionW
wsock32
ioctlsocket
sendto
setsockopt
__WSAFDIsSet
send
select
htons
gethostbyname
recvfrom
recv
WSAStartup
socket
WSAGetLastError
accept
closesocket
ntohs
gethostname
listen
connect
inet_addr
WSACleanup
bind
mpr
WNetUseConnectionW
WNetGetConnectionW
WNetCancelConnection2W
WNetAddConnection2W
psapi
EnumProcesses
GetModuleBaseNameW
EnumProcessModules
GetProcessMemoryInfo
userenv
LoadUserProfileW
CreateEnvironmentBlock
DestroyEnvironmentBlock
UnloadUserProfile
Sections
.text Size: 494KB - Virtual size: 494KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 263KB - Virtual size: 310KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ