d:\LocalSvnForDailyBuild\lonely_de\bin\de_release\Plug\Impetus.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 128e9164455d181444ed4861f410d940_JaffaCakes118.dll
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 128e9164455d181444ed4861f410d940_JaffaCakes118.dll
  Resource: win10v2004-20240802-en
General
- Target: 128e9164455d181444ed4861f410d940_JaffaCakes118
- Size: 2.3MB
- MD5: 128e9164455d181444ed4861f410d940
- SHA1: 9a37d18b944a0fa9d2490adfd62322830e305fb3
- SHA256: ab0ae0f648d1e699bb48e5b50eb0698710ae8d95dac871e18f52d3572631e59a
- SHA512: ec16650d2867cec93130b694193f7d66d2a00a2a324076923407bf1ae88570e75f72d93fea11581fd073e6f7b78c62bca4df781f22bbfe386eebf3abc8def03e
- SSDEEP: 24576:HXjaz8fyY8ViooHTcaGwg71eZP9VO+MXOZFVLP:zXyYZTcaGjpyPRAOtj
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 128e9164455d181444ed4861f410d940_JaffaCakes118
Files
- 128e9164455d181444ed4861f410d940_JaffaCakes118.dll (windows:4, windows x86, arch:x86)
  1e4b42dadd46ca0ab64afe6fe7ed46b9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
dskinliteud
dsSetDrawItemVisible
dsExitSkin
dsLoadSkin
dsInvalidateRect
dsSetDrawItemValueEx
dsSkinWindow
log4cplus
?isEnabledFor@Logger@log4cplus@@QBE_NH@Z
??1Logger@log4cplus@@UAE@XZ
?getInstance@Logger@log4cplus@@SA?AV12@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?forcedLog@Logger@log4cplus@@QBEXHABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBDH@Z
?setErrorHandler@Appender@log4cplus@@UAEXV?$auto_ptr@VErrorHandler@log4cplus@@@std@@@Z
??1?$SharedObjectPtr@VAppender@log4cplus@@@helpers@log4cplus@@QAE@XZ
??6@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@std@@AAV01@PBD@Z
?setName@Appender@log4cplus@@UAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?getName@Appender@log4cplus@@UAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?close@FileAppender@log4cplus@@UAEXXZ
?formatAndAppend@PatternLayout@log4cplus@@UAEXAAV?$basic_ostream@_WU?$char_traits@_W@std@@@std@@ABVInternalLoggingEvent@spi@2@@Z
??1PatternLayout@log4cplus@@UAE@XZ
??0PatternLayout@log4cplus@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0FileAppender@log4cplus@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@H_N@Z
??_DFileAppender@log4cplus@@QAEXXZ
?append@FileAppender@log4cplus@@MAEXABVInternalLoggingEvent@spi@2@@Z
??0?$SharedObjectPtr@VAppender@log4cplus@@@helpers@log4cplus@@QAE@PAVAppender@2@@Z
?getLayout@Appender@log4cplus@@UAEPAVLayout@2@XZ
??0?$SharedObjectPtr@VAppender@log4cplus@@@helpers@log4cplus@@QAE@ABV012@@Z
?setLayout@Appender@log4cplus@@UAEXV?$auto_ptr@VLayout@log4cplus@@@std@@@Z
?getErrorHandler@Appender@log4cplus@@UAEPAVErrorHandler@2@XZ
dbghelp
SymGetSymFromAddr
SymGetModuleInfo
SymInitialize
StackWalk
SymFunctionTableAccess
SymLoadModule
SymGetLineFromAddr
kernel32
WritePrivateProfileStringW
MoveFileW
DeleteFileW
ReadFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
GetCurrentProcess
FindResourceExW
GetFileAttributesW
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
RtlUnwind
RaiseException
ExitProcess
HeapSize
VirtualAlloc
VirtualQuery
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEnvironmentVariableA
GetThreadContext
VirtualQueryEx
GetThreadLocale
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
lstrlenA
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
InterlockedDecrement
GetModuleFileNameW
FormatMessageW
LocalFree
GetModuleHandleA
GlobalFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
SetLastError
lstrcmpW
GetModuleHandleW
GetVersionExA
lstrcpyW
WinExec
lstrcatW
GetWindowsDirectoryW
MulDiv
LoadLibraryExW
MultiByteToWideChar
TerminateProcess
OpenProcess
GetCurrentProcessId
GlobalUnlock
GlobalLock
GlobalAlloc
SetEvent
ResetEvent
WaitForSingleObject
ResumeThread
CreateEventW
FreeResource
CloseHandle
WriteFile
CreateFileW
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LockResource
GetProcAddress
LoadLibraryW
GetLastError
WideCharToMultiByte
lstrlenW
GetTickCount
InterlockedCompareExchange
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
user32
RegisterClipboardFormatW
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageW
DestroyMenu
GetSysColorBrush
UnregisterClassW
PostThreadMessageW
MessageBoxA
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetFocus
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
GetMenu
GetSubMenu
EndPaint
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
CallWindowProcW
SetWindowLongW
SystemParametersInfoA
GetWindow
DefWindowProcW
GetClassInfoW
EnumWindows
SetWindowRgn
GetMenuState
GetMenuItemID
SetRectEmpty
GetMenuItemCount
GetClassNameW
SetRect
EqualRect
IsRectEmpty
GetWindowTextW
GetWindowLongW
DestroyCursor
GetIconInfo
DestroyIcon
CopyIcon
FillRect
CreateIconIndirect
GetKeyboardState
DestroyWindow
CreateWindowExW
AppendMenuW
CreatePopupMenu
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetActiveWindow
GetActiveWindow
SetLayeredWindowAttributes
SetWindowPos
MessageBoxW
IntersectRect
GetWindowThreadProcessId
GetKeyState
GetClientRect
LoadCursorW
SetCursor
DrawTextW
GetSysColor
ClientToScreen
PostMessageW
GetDlgItem
ReleaseDC
ScreenToClient
GetMessagePos
RemovePropW
GetPropW
SetPropW
wsprintfW
InvalidateRect
SetWindowTextW
IsWindowVisible
IsWindow
IsChild
WindowFromPoint
PtInRect
GetCursorPos
GetDC
UpdateWindow
IsIconic
CopyRect
GetWindowPlacement
BeginPaint
GrayStringW
DrawTextExW
TabbedTextOutW
GetDesktopWindow
CreateDialogIndirectParamW
GetSystemMetrics
OffsetRect
KillTimer
SetTimer
GetWindowRect
SendMessageW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
GetClassInfoExW
ShowWindow
GetParent
SetDlgItemTextW
EnableWindow
UnregisterClassA
LoadImageW
gdi32
StretchBlt
CreateFontIndirectW
SetBkMode
SetBkColor
GetTextMetricsW
SetTextJustification
TextOutW
GetDeviceCaps
FrameRgn
FillRgn
SelectClipRgn
CreateRectRgn
CombineRgn
OffsetRgn
CreateRoundRectRgn
SetTextCharacterExtra
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
CreateBitmap
RestoreDC
SaveDC
GetObjectW
LineTo
MoveToEx
CreatePen
SetTextColor
CreateCompatibleBitmap
Rectangle
CreateFontW
GetStockObject
CreateSolidBrush
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBSection
SetTextAlign
SetMapMode
DeleteObject
DeleteDC
ScaleWindowExtEx
GetTextExtentPoint32W
GetClipBox
CreatePolygonRgn
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegOpenKeyExW
RegQueryValueW
RegOpenKeyW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
shell32
SHFileOperationA
ShellExecuteW
comctl32
ImageList_GetImageCount
ImageList_GetIcon
ord17
shlwapi
PathFindFileNameW
PathFindExtensionW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
oleaut32
VariantInit
VariantChangeType
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
gdiplus
GdipFree
GdipGetPropertyItemSize
GdipLoadImageFromFile
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipDisposeImage
GdipImageGetFrameDimensionsCount
GdiplusStartup
GdipCloneImage
GdipAlloc
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetImageWidth
GdipImageSelectActiveFrame
GdipGetImageHeight
GdipCreateFromHDC
GdipDeleteGraphics
Exports
GetPlugin
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 228KB - Virtual size: 227KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 172KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 120KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ