3bcaf0275c44c13618ae462af75e3b85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bcaf0275c44c13618ae462af75e3b85_JaffaCakes118
Size

226KB
MD5

3bcaf0275c44c13618ae462af75e3b85
SHA1

1f4f275c465c7064033c900dcff7400e3652e5ba
SHA256

9ee357a19962086b0d9a8ba83de10cd04c3f139c5cf1343e98a91ad17746e6b0
SHA512

3d23761976412b9cac5c6ddf17e6f12acb0eac3f5d1bf7ef0c8bb8db7f2cd9fa755e60deb69c0f0533a272213c5996df24597e0e0f5313ab1339131933c59027
SSDEEP

3072:kBd/oFnhuSl6yXkQW9F07D7Rsb0sfpJgR8twT/VvBUmH53wuU+kUO:EdgD56yXTW9F07fRkbJttwrVPrU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bcaf0275c44c13618ae462af75e3b85_JaffaCakes118

Files

3bcaf0275c44c13618ae462af75e3b85_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

c92f271dbb570710be1481d5c04f89f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Plugins for Browsers\Clickapps.net\release\facerange.pdb

Imports

kernel32

RtlUnwind
GetCommandLineA
Sleep
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
HeapFree
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
HeapAlloc
GetProcessHeap
lstrlenA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentProcessId
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
InterlockedExchange
lstrcmpW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FreeEnvironmentStringsA
lstrlenW

user32

DestroyMenu
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
CharNextW
MessageBoxW
GetSubMenu
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMessageTime
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
GetMessagePos

gdi32

GetStockObject
DeleteDC
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysFreeString
VarUI4FromStr
VariantInit
VariantClear
SysStringLen
DispCallFunc
LoadRegTypeLi
LoadTypeLi
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c92f271dbb570710be1481d5c04f89f6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 10KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 10KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 29KB - Virtual size: 29KB