25f6e39bad5d8cc078a2bb841330852f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25f6e39bad5d8cc078a2bb841330852f_JaffaCakes118
Size

96KB
MD5

25f6e39bad5d8cc078a2bb841330852f
SHA1

9a71eaec9218ada5c881341b0a8b3db3c6c1b831
SHA256

b145b7cb526144ddf6ea1d25d6945bd417a3cab65a4305625b2c8268b78ed812
SHA512

eff79975a8dd0a0cb4d5f24134e7b3d63e2c5221889f9c3fb23b26c1a49a8d7263e64a340741162e0e2efbeb8d0d697f539ae9e07a96a57e9c5d9d734eafc5fe
SSDEEP

1536:kQoibV8na5Td55A17Ai6T1m9zeHP2QQkB9KwJTkU8QNlHypZxk+nYLvF0VyZ:nuAcZsT1mpev2Q3NJTt8QNMBk+nY7b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25f6e39bad5d8cc078a2bb841330852f_JaffaCakes118

Files

25f6e39bad5d8cc078a2bb841330852f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

23580e74c0b9433147f1573112298390

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GetUserDefaultLCID
GetSystemTime
LockFile
GetCurrentDirectoryA
GetExitCodeThread
DeleteFileW
CreateWaitableTimerW
GetEnvironmentStrings
GetWindowsDirectoryW
SizeofResource
CreateTimerQueue
GetLocalTime
AddAtomA
GetUserDefaultUILanguage
FileTimeToDosDateTime
GetSystemDirectoryW
CreateMutexW
RemoveDirectoryA
RegisterWaitForSingleObject
GetBinaryTypeW
FindClose
GetTimeFormatW
AllocConsole
GetLocaleInfoA
VirtualAllocEx
ReadConsoleInputW
IsValidLocale
lstrcatA
GetFullPathNameA
GetFileAttributesExW
SuspendThread
SetConsoleTitleA
AreFileApisANSI
lstrcmpiW
GetStartupInfoW
GlobalMemoryStatus
CompareStringA
HeapSize
GetProcessAffinityMask
SetEndOfFile
ReadConsoleW
FlushFileBuffers
GetSystemDefaultLangID
OpenFileMappingA
DeleteCriticalSection
GetSystemPowerStatus
IsWow64Process
WriteConsoleA
HeapDestroy
GetFileAttributesA
CreateConsoleScreenBuffer
ReadConsoleInputA
GetTempPathA
DeleteTimerQueueEx
FindResourceA
GetProcessVersion
SetLocalTime
LoadResource
GlobalHandle
GetFileTime
GetStartupInfoA
GetStringTypeExA
VirtualAlloc
SetFilePointerEx
GetLocaleInfoW
GetLongPathNameW
FindAtomA
WinExec
CancelWaitableTimer
LocalReAlloc
FormatMessageW
GetHandleInformation
GetStringTypeExW
FormatMessageA
EscapeCommFunction
LockFileEx
GetVersionExA
LCMapStringW
SetConsoleActiveScreenBuffer
IsValidLanguageGroup
IsBadCodePtr
SetConsoleCtrlHandler
FindNextChangeNotification
FindResourceW
CreateMailslotA
GlobalMemoryStatusEx
LocalAlloc
WaitNamedPipeA
UpdateResourceA
GetShortPathNameW
TerminateProcess
GetSystemWindowsDirectoryA
VerLanguageNameW
EnumUILanguagesW
EnumSystemLocalesA
GetDiskFreeSpaceExW
EnumResourceNamesW
DeviceIoControl
FindNextFileW
CreateIoCompletionPort
GetVersionExW
GlobalDeleteAtom
IsBadStringPtrA
GetSystemTimeAdjustment
FlushConsoleInputBuffer
SetCurrentDirectoryW
CompareFileTime
SetConsoleWindowInfo
GetLogicalDriveStringsA
GetAtomNameA
WideCharToMultiByte
GetFileSizeEx
GetModuleHandleW
TerminateJobObject
GetFullPathNameW
WriteConsoleInputA
GetComputerNameExW
MapViewOfFileEx
CreateJobObjectW
GetTapeParameters
FindCloseChangeNotification
SetEvent
GetProfileStringW
GetTimeZoneInformation
HeapCompact
CopyFileExW
QueueUserWorkItem
Beep
WriteFile
RtlMoveMemory
GetProfileStringA
lstrcpyA
SetVolumeLabelW
CreateDirectoryA
InterlockedIncrement
ReleaseMutex
GetProcessHeap
CopyFileA
GetSystemTimeAsFileTime
CreateProcessA
MoveFileA
GlobalAlloc
LeaveCriticalSection
DeleteFileA
InterlockedDecrement
ExpandEnvironmentStringsA
HeapAlloc
GetCurrentProcessId
Sleep
GetModuleHandleA
LocalFree
VirtualQuery
InitializeCriticalSection
GetModuleFileNameA
HeapFree
ReadFile
WaitForSingleObject
InterlockedExchange
UnmapViewOfFile
LoadLibraryA
GetProcAddress
GetLastError
GetVolumeInformationA

user32

CharUpperBuffA
SetDlgItemTextW
IntersectRect
ShowWindow
SetDlgItemTextA
BeginDeferWindowPos
TranslateMessage
IsCharAlphaA
DialogBoxParamA
SetSysColors
GetSubMenu
FindWindowW
CopyIcon
EnumDisplaySettingsW
LookupIconIdFromDirectory
AllowSetForegroundWindow
SetWindowContextHelpId
DrawTextExA
EnumWindowStationsW
AppendMenuA
GetInputState
SystemParametersInfoW
LoadAcceleratorsA
GetUserObjectInformationW
CheckMenuItem
TranslateMDISysAccel
MessageBoxA
CreateIcon
GetSystemMetrics
CreateIconFromResourceEx
SetMenuItemBitmaps
CloseDesktop
GetScrollInfo
IsRectEmpty
GetMenuStringA
MapDialogRect
ShowCursor
DefFrameProcA
GetWindowLongW
ShowOwnedPopups
SetClassLongA
GetUserObjectInformationA
ScrollWindowEx
GrayStringW
DefWindowProcA
SetThreadDesktop
GetMenuCheckMarkDimensions
EnumThreadWindows
CharNextA
ToAsciiEx
GetWindowTextLengthW
DispatchMessageW
BeginPaint
DrawIconEx
CharLowerW
MessageBoxExW
CharNextExA
FindWindowExA
GetDC
GetPropW
DrawAnimatedRects
CharLowerA
wvsprintfA
UnregisterClassW
ChildWindowFromPoint
LoadBitmapW
GetProcessWindowStation
SendInput
SetScrollInfo
VkKeyScanW
GetWindowDC
SetWindowTextW
GetSysColorBrush
LockWindowUpdate
GetMessageExtraInfo
LoadStringA
CloseWindowStation
SetDlgItemInt
ValidateRect
CharUpperA
GetTabbedTextExtentA
GetMenuState
SetCursor
GetWindowTextA
CharToOemW
FillRect
IsCharAlphaW
LoadCursorA
OpenWindowStationW
GetClassLongW
ReplyMessage
WaitForInputIdle
EnumChildWindows
CharNextW
DialogBoxIndirectParamW
ReleaseDC
GetClassInfoExA
GetMenuItemCount
SetPropA
GetWindowContextHelpId
MapWindowPoints
RegisterWindowMessageW
TabbedTextOutA
SetActiveWindow
SetPropW
SetWindowsHookExW
CreateMenu
SetWindowPos
GetPropA
CreateCaret
IsCharAlphaNumericA
GetProcessDefaultLayout
CharToOemBuffA
SendMessageTimeoutA
PeekMessageA
UnhookWindowsHookEx
FindWindowA
DispatchMessageA
GetClassNameA
SetWindowsHookExA
CallNextHookEx
GetWindowThreadProcessId
GetClassInfoExW

shlwapi

PathFindExtensionW
SHStrDupW
PathIsRootW
PathGetDriveNumberW
PathGetCharTypeW
PathIsFileSpecW
PathRemoveFileSpecW
SHRegSetPathW
StrCpyNW
UrlGetPartW
UrlEscapeW
PathFileExistsA
SHRegGetUSValueW
PathFindExtensionA
AssocQueryStringW
SHSetValueA
UrlUnescapeW
SHDeleteKeyA
StrCpyW
StrStrIA
PathIsNetworkPathW
PathIsDirectoryA
PathRemoveArgsW
SHDeleteValueW
StrRetToStrW
StrCatBuffA
PathRemoveFileSpecA
PathMatchSpecW
StrCatW
PathAddBackslashA
PathUndecorateW
PathMakePrettyW
PathFindNextComponentW
PathCommonPrefixW
StrRetToBufW
UrlIsW
PathIsURLW
PathRenameExtensionW
StrToIntExW
PathParseIconLocationW
SHDeleteKeyW

shell32

CommandLineToArgvW
SHGetFileInfoA
SHGetPathFromIDListW
SHGetMalloc
DragQueryFileW
SHBrowseForFolderW
SHPathPrepareForWriteW
SHGetDesktopFolder
SHParseDisplayName
ExtractIconW
ExtractIconExW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHOpenFolderAndSelectItems
SHCreateDirectoryExW
SHGetInstanceExplorer
SHGetFolderPathA

gdi32

GetCurrentPositionEx
GetTextExtentPointW
MoveToEx
DeleteDC
GetFontData
SetMapperFlags
UpdateColors
GetPixel
CreateICW
GetTextAlign
CreateICA
TextOutW
SetPixel
CreateCompatibleBitmap
CreateDCA
GetEnhMetaFileBits
EndPage
CreatePatternBrush
SetTextCharacterExtra
CreateDiscardableBitmap
InvertRgn
GetTextExtentPointA
CreateRectRgn
ExtCreatePen
GetPixelFormat
SetBitmapBits
AbortDoc
CreateEnhMetaFileW
ScaleWindowExtEx
StrokeAndFillPath
GetCharABCWidthsW
CreateMetaFileA
GetTextExtentPoint32W
PlayEnhMetaFile
GetPolyFillMode
RectVisible
AddFontResourceA
EnumEnhMetaFile
GetObjectType
GetLayout
GetGlyphOutlineW
StretchBlt
EnumFontFamiliesW
CreateRoundRectRgn
GetStockObject
SelectObject
CreateHalftonePalette
ExtTextOutW
CreateBitmap
PatBlt
GetStretchBltMode
CreateCompatibleDC
ScaleViewportExtEx
EnumFontFamiliesA
GetTextMetricsW
EnumFontsA
RemoveFontResourceW
GetWindowExtEx
GetBkColor
GetBrushOrgEx
PolyBezierTo
GetTextFaceW
GetBkMode
GetROP2
SetPolyFillMode
PolyDraw
GetViewportOrgEx
GetPaletteEntries
CreatePalette
GetBitmapBits
PlayMetaFileRecord
SetWorldTransform
SetArcDirection
WidenPath
SetWindowOrgEx
TextOutA
CreateScalableFontResourceA
StartDocW
GetEnhMetaFileHeader
DeleteObject
PolyPolygon
Chord
GetSystemPaletteEntries
GetNearestColor
CreateFontW
GetTextCharacterExtra
CreateDIBSection
ArcTo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23580e74c0b9433147f1573112298390

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB