38388b04d992ff99870bc1bf82fdcf35_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38388b04d992ff99870bc1bf82fdcf35_JaffaCakes118
Size

112KB
MD5

38388b04d992ff99870bc1bf82fdcf35
SHA1

320eea97cc02e90a1c12b221a38b0cdb7f54f582
SHA256

b0902289df17fabb772cd914e37ea6385ee892f56b8767578f60266421cc94a6
SHA512

2c15c5023f3ec115790b29a0d749eb6037c5ff12a0ba644505c56d3fb34ff2223e4ebfe89ed0fa08cf0363f3501b271765ec85d4b7374eb281002d6a403f1662
SSDEEP

1536:QZ89UhHoFfJPWhbu1pDIUZVHix9lyCxvTRq6S4kVD0rEJV+mATD7FltTGeqsSE2m:QuOhZweM1w3St4OWtjgbRoz0er9FMs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38388b04d992ff99870bc1bf82fdcf35_JaffaCakes118

Files

38388b04d992ff99870bc1bf82fdcf35_JaffaCakes118
.dll windows:4 windows x86 arch:x86

01652bcb325e63cd1a40c2c646191f1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
ResumeThread
GetCurrentThreadId
GetModuleHandleW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GetModuleHandleA
GetProcessVersion
GlobalFlags
GetCurrentDirectoryW
RtlUnwind
ExitThread
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
TlsAlloc
HeapSize
HeapReAlloc
ExitProcess
UnhandledExceptionFilter
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFree
LocalAlloc
lstrcmpiW
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
FlushFileBuffers
SetFilePointer
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateFileW
lstrcpynW
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindFirstFileW
SetLastError
FindClose
ExpandEnvironmentStringsA
CreateFileA
GetModuleFileNameA
DeleteFileA
CopyFileA
lstrcmpW
GetStdHandle
CreatePipe
SetStdHandle
DuplicateHandle
GetEnvironmentVariableW
WaitForSingleObject
ReadFile
WriteFile
CreateEventW
GetStartupInfoW
CreateProcessW
GetCurrentProcessId
DeleteFileW
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
LoadLibraryW
GetProcAddress
FreeLibrary
CloseHandle
GetVersion
GetVersionExW
VirtualProtect
GetCurrentProcess
ReadProcessMemory
CreateThread
lstrlenW
GetSystemInfo
GlobalMemoryStatus
GetComputerNameW
lstrcpyW
lstrcatW
Sleep
GetTickCount
RaiseException
GetLastError

user32

PostMessageW
LoadIconW
SetWindowTextW
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameW
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutW
DrawTextW
GrayStringW
GetSysColor
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
DefWindowProcW
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
wsprintfW
wsprintfA
wvsprintfA
LoadStringW
DispatchMessageW
GetKeyState
CallNextHookEx
PeekMessageW
SetWindowsHookExW
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SendMessageW
MessageBoxW
EnableWindow
GetSystemMetrics
CharUpperW
MapWindowPoints
SystemParametersInfoW

gdi32

SetWindowExtEx
ScaleWindowExtEx
SetTextColor
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectW
CreateBitmap
GetClipBox
SetBkColor

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

LookupPrivilegeValueW
RegCreateKeyA
RegSetValueExA
OpenProcessToken
GetSidSubAuthority
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetUserNameW
LookupAccountNameW
GetSidIdentifierAuthority
GetSidSubAuthorityCount

comctl32

ord17

wininet

InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetSetOptionW
InternetQueryOptionW
InternetCloseHandle
InternetOpenW
InternetConnectW
HttpOpenRequestA
HttpAddRequestHeadersW
HttpSendRequestExW

netapi32

NetUserGetLocalGroups
NetApiBufferFree

Exports

Exports

hMainThread

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01652bcb325e63cd1a40c2c646191f1d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

wininet

netapi32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 20KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 20KB

.reloc
Size: 11KB - Virtual size: 10KB