2a39be67b9f1883eea66c377401d450a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a39be67b9f1883eea66c377401d450a_JaffaCakes118
Size

940KB
MD5

2a39be67b9f1883eea66c377401d450a
SHA1

1ff4c936342e3cdab5045fca01743a3f12d26032
SHA256

fc8b3a236f3676d833aac63a318d3172e1f4e0bf7f66a82207c272ed37214d1d
SHA512

e2e42d2f469f38b96957dc307e995e9ef398e737038b823131f62ef248f4821d523d7441c63a198f6ecc68fce779fe31d1ba51f46327fd69d5d6ba4d247d4bd2
SSDEEP

6144:XIdKHFr6O65BlUPJZshDqJssTD4OWhSAx:xHFrqgZ8yNDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a39be67b9f1883eea66c377401d450a_JaffaCakes118

Files

2a39be67b9f1883eea66c377401d450a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

06eb7fc11b102e60a49fec353649e5d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Works9SusEng\WorksCD\Common\quill\qsrc\qd\Release\wkwpqd.pdb

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
GetCPInfo
IsBadReadPtr
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileW
FlushFileBuffers
SetFilePointer
GetTempFileNameW
GetTempPathW
FileTimeToDosDateTime
GetFileTime
GetFullPathNameW
SizeofResource
LoadResource
FindResourceA
GetCurrentDirectoryA
GetProfileIntA
GetSystemDefaultLangID
GetLocaleInfoA
GetOEMCP
GetVersionExA
GetVersion
ReadFile
GetCommandLineW
GetACP
GetUserDefaultLCID
IsValidLocale
CreateProcessW
GetFileAttributesW
GetFileAttributesA
IsDBCSLeadByte
MoveFileA
MoveFileW
FindFirstFileW
CreateFileW
IsValidCodePage
GetTempFileNameA
SetEndOfFile
GetTickCount
LoadLibraryExA
FormatMessageA
RaiseException
GetProfileStringA
GlobalMemoryStatus
SetFileAttributesA
lstrlenA
GlobalSize
GetTempPathA
FindFirstFileA
FindClose
GetModuleFileNameA
GetFullPathNameA
MultiByteToWideChar
GetLastError
CreateFileA
WriteFile
CloseHandle
LocalFree
LocalAlloc
GlobalAlloc
WideCharToMultiByte
DeleteFileA
IsDBCSLeadByteEx
lstrlenW
OutputDebugStringA
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
InterlockedCompareExchange

user32

DrawTextA
GetClientRect
SetCapture
ReleaseCapture
GetAsyncKeyState
InvalidateRect
GetFocus
GetCursorPos
WindowFromPoint
PtInRect
InflateRect
UpdateWindow
GetClipboardOwner
OpenClipboard
GetClipboardData
CloseClipboard
ReleaseDC
RegisterClipboardFormatA
CharNextA
GetDC
FillRect
GetSysColor
SetWindowLongA
GetClassNameA
IsWindowEnabled
GetParent
GetWindowLongA
DispatchMessageA
TranslateMessage
MessageBeep
PeekMessageA
MessageBoxA
ScreenToClient
DefWindowProcA
UnregisterClassA
IntersectRect
CreateWindowExA
RegisterClassA
LoadCursorA
SetTimer
KillTimer
GetKeyState
CountClipboardFormats
ScrollDC
SetCaretPos
HideCaret
CreateCaret
DestroyCaret
SendMessageW
SendMessageA
MessageBoxW
CallWindowProcA
CallWindowProcW
GetWindow
GetTopWindow
RedrawWindow
GetUpdateRect
GetWindowPlacement
RegisterWindowMessageA
ClientToScreen
GetKeyboardLayout
SetClipboardData
GetWindowDC
WindowFromDC
GetSystemMetrics
EnumClipboardFormats
EmptyClipboard
InvertRect
MoveWindow
CharLowerA
CharUpperA
GetCaretBlinkTime
PostMessageA
LoadStringA
GetKeyboardState
ToUnicode
IsWindowUnicode
MapWindowPoints
GetDesktopWindow
DestroyWindow
GetWindowRect

gdi32

CreatePen
GetTextCharsetInfo
GetTextCharset
EnumFontFamiliesW
EnumFontFamiliesA
GetCurrentObject
GetKerningPairsA
GetCharWidthA
GetOutlineTextMetricsA
StrokePath
StrokeAndFillPath
CloseFigure
PolyBezierTo
GetPath
FlattenPath
GetTextColor
SetBitmapBits
RemoveFontResourceA
AddFontResourceA
CreateScalableFontResourceA
EnumFontFamiliesExW
EnumFontFamiliesExA
CreatePenIndirect
GetWinMetaFileBits
PlayEnhMetaFile
GetEnhMetaFileA
CreatePalette
CreateFontW
InvertRgn
CreateRectRgnIndirect
GetCharWidthW
CreateRectRgn
GetNearestColor
MaskBlt
GetBitmapBits
GetObjectType
GetTextFaceW
GetTextFaceA
GetClipRgn
GetRegionData
SetMapMode
SetWinMetaFileBits
CopyEnhMetaFileA
CombineRgn
GetRgnBox
FillRgn
DPtoLP
UnrealizeObject
SetBrushOrgEx
BitBlt
CreateSolidBrush
SetROP2
CreateDIBitmap
GetDIBits
CreateDIBSection
GdiFlush
SetStretchBltMode
StretchDIBits
SelectObject
CreateCompatibleDC
SelectPalette
RealizePalette
CreateCompatibleBitmap
DeleteDC
SetViewportOrgEx
GetStockObject
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetObjectA
CopyMetaFileA
GetClipBox
EndDoc
AbortDoc
SelectClipRgn
LPtoDP
GetDeviceCaps
StartDocA
Rectangle
EndPage
Escape
StartPage
SetAbortProc
LineTo
MoveToEx
SetTextColor
SetBkColor
CreateFontA
GetTextMetricsA
CreatePolygonRgn
CreateBitmap
RestoreDC
SaveDC
SetViewportExtEx
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
SelectClipPath
EndPath
Polygon
BeginPath
PlayMetaFileRecord
SetPixelV
SetTextCharacterExtra
SetMetaFileBitsEx
GetTextAlign
GetTextExtentPointA
GetCurrentPositionEx
GetMetaFileBitsEx
EnumMetaFile
SetWindowExtEx
SetWindowOrgEx
CloseMetaFile
CreateMetaFileA
PlayMetaFile
GetMetaFileA
SetTextAlign
CreateDCA
CreateICA
OffsetRgn
SetRectRgn
RectInRegion
GetObjectW
CreateFontIndirectW
TranslateCharsetInfo
GetTextExtentPointW
ExtTextOutW
Pie
Chord
Arc
ExtEscape
SetBkMode
Ellipse
PolyPolygon
Polyline
RoundRect
GetEnhMetaFilePaletteEntries
GetPaletteEntries
CreatePatternBrush
CreateEnhMetaFileA
CloseEnhMetaFile
PatBlt
GetMapMode
IntersectClipRect
CreateFontIndirectA
ExtTextOutA
ResetDCA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

PrintDlgA
CommDlgExtendedError

advapi32

RegSetValueExW
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

ole32

OleQueryLinkFromData
OleFlushClipboard
WriteClassStg
OleGetClipboard
OleSetClipboard
OleLoad
OleDuplicateData
OleRun
OleIsRunning
OleSetContainedObject
CoDisconnectObject
OleCreateLinkFromData
OleCreateLinkToFile
StringFromGUID2
OleCreateFromData
OleCreateFromFile
OleCreate
CreateBindCtx
OleIsCurrentClipboard
DoDragDrop
GetHGlobalFromStream
WriteFmtUserTypeStg
StgIsStorageFile
StgOpenStorage
CoCreateInstance
StgCreateDocfile
CreateStreamOnHGlobal
OleConvertOLESTREAMToIStorage
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleSave
CoGetMalloc
OleConvertIStorageToOLESTREAM
OleCreateStaticFromData
ReleaseStgMedium

oleaut32

SysAllocString
SysFreeString
SysStringLen
VariantInit
DispGetIDsOfNames
DispInvoke
LoadTypeLi
SysAllocStringLen
SysStringByteLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 800KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06eb7fc11b102e60a49fec353649e5d2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 800KB - Virtual size: 796KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 800KB - Virtual size: 796KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 28KB - Virtual size: 27KB