15898c3ae8ac04bc6e5fe50bbf44b247_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15898c3ae8ac04bc6e5fe50bbf44b247_JaffaCakes118
Size

213KB
MD5

15898c3ae8ac04bc6e5fe50bbf44b247
SHA1

842040256c8d8fc70f169ea879f3c2e3caf94b6c
SHA256

3c45320e9ba41bb3b8be978fde1a108e05fea111864b3351693f4d763a08edfe
SHA512

160d021cd93f76b5c38710cf7360300d962c09077a0d3c6af2edded8aca321b7bee6664fa0d5959addde4a0469663b374deb9bd673c6ad34614db7acc93a32c9
SSDEEP

3072:wQin/UaDR/sNOZLzKAhCEpY3PpWtaJgrsSQUgf+9TE8:w1TEcYAhjpY3EtamrsSQUgK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15898c3ae8ac04bc6e5fe50bbf44b247_JaffaCakes118

Files

15898c3ae8ac04bc6e5fe50bbf44b247_JaffaCakes118
.dll windows:5 windows x86 arch:x86

72803ac299bbc01cbb92354442a80b63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteVolumeMountPointW
DeviceIoControl
EndUpdateResourceA
EnumLanguageGroupLocalesA
EnumSystemLanguageGroupsA
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsA
_lread
_lopen
_lcreat
WriteProfileStringW
WriteProfileStringA
WriteProfileSectionW
WriteConsoleOutputAttribute
WriteConsoleOutputA
WaitNamedPipeW
VirtualQuery
TerminateThread
SystemTimeToFileTime
SwitchToFiber
SetThreadContext
SetStdHandle
SetMessageWaitingIndicator
SetLastError
SetFileAttributesA
SearchPathW
ReplaceFileA
ReadProcessMemory
ReadFileEx
ReadDirectoryChangesW
ReadConsoleOutputW
ReadConsoleInputA
ReadConsoleA
OpenSemaphoreW
OpenJobObjectW
LocalReAlloc
LocalLock
LCMapStringA
InterlockedCompareExchange
Heap32Next
GlobalWire
GlobalFree
GetVersion
GetUserDefaultUILanguage
GetTickCount
GetTapePosition
GetSystemTime
GetSystemDirectoryA
GetProfileIntA
GetProcessPriorityBoost
GetProcessIoCounters
GetProcessHeap
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetOverlappedResult
GetNumberFormatW
GetExitCodeThread
GetEnvironmentVariableW
GetDevicePowerState
GetCurrentDirectoryA
GetConsoleTitleW
GetConsoleCP
GetConsoleAliasW
GetComputerNameExW
GetCalendarInfoW
GetBinaryType
FreeResource
FreeLibraryAndExitThread
FreeConsole
FindResourceA
FindNextChangeNotification
FindAtomA
FillConsoleOutputCharacterA
DeleteAtom
CreateToolhelp32Snapshot
CreateFileW
CreateThread
CreateTapePartition
CreateJobObjectA
CreateHardLinkA
CreateEventA
CreateConsoleScreenBuffer
CopyFileW
CopyFileExW
CompareFileTime
ClearCommError
CancelDeviceWakeupRequest
AddAtomA
VirtualAllocEx
FatalExit

user32

BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
CreateWindowExA

gdi32

EngTransparentBlt
cGetTTFFromFOT
XLATEOBJ_iXlate
XFORMOBJ_bApplyXform
UpdateColors
TranslateCharsetInfo
StrokePath
StrokeAndFillPath
StretchDIBits
SetWindowOrgEx
SetWindowExtEx
SetTextJustification
SetROP2
SetPixelV
SetPixelFormat
SetPaletteEntries
SetMiterLimit
SetMetaFileBitsEx
SetLayoutWidth
SetGraphicsMode
SetDeviceGammaRamp
SetDIBits
SetArcDirection
SelectClipRgn
ScaleViewportExtEx
ResetDCW
Rectangle
Polygon
PolyBezier
PlayEnhMetaFileRecord
PatBlt
ModifyWorldTransform
MirrorRgn
LineTo
HT_Get8BPPMaskPalette
GetViewportOrgEx
GetTextMetricsW
GetTextFaceA
GetTextExtentExPointW
GetTextExtentExPointA
GetStretchBltMode
GetObjectW
GetObjectType
GetObjectA
GetMetaFileW
GetMetaFileBitsEx
GetLayout
GetFontUnicodeRanges
GetFontData
GetColorSpace
GetClipRgn
GetClipBox
GetCharacterPlacementW
GetCharWidthW
GetCharWidthI
GetCharWidthA
GetCharABCWidthsW
GetCharABCWidthsA
GdiSwapBuffers
GdiStartPageEMF
GdiStartDocEMF
GdiSetServerAttr
GdiSetLastError
GdiSetAttrs
GdiInitSpool
GdiGetPageHandle
GdiGetLocalDC
GdiFlush
GdiFixUpHandle
GdiEntry9
GdiConsoleTextOut
GdiAddFontResourceW
FillRgn
FONTOBJ_pvTrueTypeFontFile
ExtTextOutA
AbortDoc
AnimatePalette
Arc
BRUSHOBJ_hGetColorTransform
CLIPOBJ_cEnumStart
Chord
ExtCreatePen
CreateDIBPatternBrush
CreateMetaFileW
CreatePenIndirect
DeleteMetaFile
DescribePixelFormat
DeviceCapabilitiesExW
EndPage
EngDeleteSurface
EngLoadModule
EngPlgBlt
EngStrokeAndFillPath
CopyMetaFileW
EnumFontFamiliesW

comdlg32

PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
PrintDlgA
CommDlgExtendedError
ChooseFontW
ChooseColorW
ChooseColorA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
PrintDlgExA
FindTextA
ChooseFontA

advapi32

RegOpenKeyW
RegOpenKeyExW

ole32

WriteStringStream
WdtpInterfacePointer_UserUnmarshal
UtGetDvtd16Info
UpdateDCOMSettings
StringFromIID
StringFromGUID2
StringFromCLSID
StgOpenStorageEx
StgOpenStorage
StgOpenPropStg
StgOpenAsyncDocfileOnIFillLockBytes
StgCreateStorageEx
StgCreateDocfile
STGMEDIUM_UserMarshal
SNB_UserSize
PropVariantCopy
OleSaveToStream
OleRegEnumVerbs
OleLockRunning
OleIsCurrentClipboard
OleInitialize
OleGetIconOfClass
OleGetClipboard
OleFlushClipboard
OleDoAutoConvert
OleCreateStaticFromData
OleCreateMenuDescriptor
OleCreateLinkFromDataEx
OleCreateLinkFromData
OleCreateFromFile
OleCreateEx
OleCreateDefaultHandler
OleBuildVersion
IsAccelerator
HWND_UserSize
HWND_UserFree
HPALETTE_UserSize
HMETAFILE_UserMarshal
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserFree
HMENU_UserFree
HGLOBAL_UserUnmarshal
HDC_UserFree
HBRUSH_UserUnmarshal
HBRUSH_UserSize
HBRUSH_UserMarshal
HACCEL_UserSize
GetRunningObjectTable
GetHookInterface
GetHGlobalFromStream
GetDocumentBitStg
GetClassFile
DllGetClassObjectWOW
DllDebugObjectRPCHook
CreateStdProgressIndicator
CreateOleAdviseHolder
CreateItemMoniker
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateBindCtx
CoWaitForMultipleHandles
CoUnloadingWOW
CoRegisterPSClsid
CoRegisterMessageFilter
CoQueryReleaseObject
CoQueryAuthenticationServices
CoIsHandlerConnected
CoInitializeEx
CoInitialize
CoGetMalloc
CoGetInstanceFromFile
CoGetCurrentProcess
CoGetCallerTID
CoGetCallContext
CoGetApartmentID
CoFreeUnusedLibraries
CoFreeLibrary
CoFreeAllLibraries
CoFileTimeNow
CoEnableCallCancellation
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoBuildVersion
CLSIDFromProgIDEx

msvcrt

wcsxfrm
wcsstr
wcsrchr
wcsncat
wcscpy
wcscoll
vwprintf
ungetwc
tan
strrchr
strpbrk
strncat
sscanf
raise
printf
memset
memchr
malloc
log10
ldiv
isxdigit
iswxdigit
iswspace
isgraph
getwc
fsetpos
fgetwc
ctime
cos
asctime
abs
_y0
_wunlink
_wtoi64
_wspawnv
_wmktemp
_wmakepath
_winmajor
_wctime
_wchdir
_wasctime
_unloaddll
_toupper
_strset
_strnicoll
_strnicmp
_strerror
_stati64
_snwprintf
_setmaxstdio
_safe_fprem1
_safe_fprem
_safe_fdivr
_outpd
_mbsnextc
_mbsncoll
_mbctokata
_lock
_j1
_ismbcsymbol
_ismbcgraph
_ismbbkprint
_ismbbalpha
_i64toa
_getmaxstdio
_getdiskfree
_fstati64
_fileno
_filelength
_cwait
_controlfp
_chdrive
_cexit
_c_exit
_beep
_adj_fdivr_m32
__threadid
__p__winver
__p__mbctype
__p__fileinfo
__p__acmdln
__p___argc
__isascii
__getmainargs
__fpecode
_CIcos
_CIlog
_CIsinh
_CItan
_CItanh
_Getmonths

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72803ac299bbc01cbb92354442a80b63

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

msvcrt

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 2KB - Virtual size: 1KB

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 2KB - Virtual size: 1KB

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB