3db16a5f5f8f4f3a5a1c588a72ae2585_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3db16a5f5f8f4f3a5a1c588a72ae2585_JaffaCakes118
Size

214KB
MD5

3db16a5f5f8f4f3a5a1c588a72ae2585
SHA1

3f2639c541d90ab98739509a11c29dcc50963554
SHA256

6e1d751bd3492ae620db7dcc801b06d9e1728da60da9f8b8ac158f55532d0706
SHA512

7845347a94a5ad2d9d47eb31fe055ab1ff1ecb10888c88f307282f2d2d808677b77cdb97228eaef325ec5872a938f58ea87b5d60c84eb1b1c86c0ab7aea61b27
SSDEEP

3072:4xNZflc+wnBqtYpe1F03p7X9fjuYaTCSZ8UMzNISbEAQ84yg:Qflc+wnLeM3p5kCbtzNIAQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3db16a5f5f8f4f3a5a1c588a72ae2585_JaffaCakes118

Files

3db16a5f5f8f4f3a5a1c588a72ae2585_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

5b3626186dd2f2a4d280b1df77ff7a6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mscandui.pdb

Imports

msvcrt

_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
strrchr
_except_handler3
wcsncmp
_resetstkoflw
atoi
iswalpha
iswpunct
wcslen
wcscmp
_vsnprintf
_ftol
memmove
strncmp

msctf

TF_CreateThreadMgr

kernel32

GetWindowsDirectoryA
EnumResourceLanguagesA
GetSystemDefaultLangID
InitializeCriticalSectionAndSpinCount
FindResourceA
LoadResource
LocalReAlloc
IsBadWritePtr
lstrcmpA
LoadLibraryA
GetModuleHandleA
LocalAlloc
LocalFree
lstrlenW
GetSystemWindowsDirectoryA
GetSystemDirectoryA
lstrcpynA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleFileNameA
GetVersionExA
CreateMutexA
CreateFileMappingA
lstrlenA
OpenFileMappingA
MapViewOfFile
ReleaseMutex
WaitForSingleObject
UnmapViewOfFile
CloseHandle
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
FreeLibrary
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
GlobalAddAtomA
GetLocaleInfoA
MultiByteToWideChar
GetACP

user32

AdjustWindowRectEx
WindowFromPoint
EndPaint
BeginPaint
GetClassInfoExA
MoveWindow
SetCursor
GetDoubleClickTime
GetIconInfo
OffsetRect
SetWindowRgn
IsWindowVisible
FrameRect
DrawStateA
VkKeyScanA
VkKeyScanW
GetMessageA
GetCursor
GetKeyState
SetCapture
ReleaseCapture
SetWindowPos
ShowWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
DrawTextExW
DrawTextExA
LoadStringA
GetThreadDesktop
GetUserObjectInformationA
SetWindowsHookExA
CallNextHookEx
PeekMessageA
WaitMessage
DispatchMessageA
PostQuitMessage
PostThreadMessageA
GetClientRect
PtInRect
SystemParametersInfoW
SystemParametersInfoA
IsRectEmpty
DrawIconEx
InvertRect
FillRect
DrawFrameControl
DrawEdge
GetSysColor
IntersectRect
UnionRect
GetCursorPos
ScreenToClient
KillTimer
SetTimer
InflateRect
GetDC
ReleaseDC
GetWindowRect
SetPropA
InvalidateRect
SetRect
ClientToScreen
DestroyWindow
DestroyIcon
LoadImageA
RemovePropA
LoadCursorA
RegisterClassExA
IsWindow
UpdateWindow
DefWindowProcA
GetKeyboardState
ToAscii
PostMessageA
RegisterWindowMessageA
GetSystemMetrics
TranslateMessage
GetSysColorBrush
UnhookWindowsHookEx

gdi32

GetCurrentObject
LineTo
MoveToEx
CreatePen
SetTextColor
SetBkMode
GetTextColor
GetTextExtentPointW
DeleteDC
StretchBlt
CreateCompatibleDC
GetObjectA
PlayEnhMetaFile
GetEnhMetaFileHeader
BitBlt
GetStockObject
CreateCompatibleBitmap
SetWindowOrgEx
TranslateCharsetInfo
CreateFontIndirectW
CreateFontIndirectA
GetTextMetricsA
GetDIBits
RealizePalette
SelectPalette
StretchDIBits
CreateBitmap
CreateDCA
ExtTextOutW
ExtTextOutA
SetTextAlign
GetTextAlign
GetTextExtentPoint32W
GetTextExtentPointA
SetBkColor
GetWindowExtEx
GetViewportExtEx
ExtSelectClipRgn
IntersectClipRect
GetClipRgn
CreateRectRgn
SetViewportOrgEx
CombineRgn
CreatePolygonRgn
CreateRoundRectRgn
FrameRgn
FillRgn
CreateSolidBrush
RoundRect
CreateDIBSection
CreateBrushIndirect
TextOutA
CreateFontA
GetDeviceCaps
SelectObject
DeleteObject

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

ole32

CoCreateInstance
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b3626186dd2f2a4d280b1df77ff7a6c

Headers

File Characteristics

PDB Paths

Imports

msvcrt

msctf

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 190KB - Virtual size: 190KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 190KB - Virtual size: 190KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 14KB - Virtual size: 14KB