3fe0e9e27f53ae4a72b600104bf4d325_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3fe0e9e27f53ae4a72b600104bf4d325_JaffaCakes118
Size

444KB
MD5

3fe0e9e27f53ae4a72b600104bf4d325
SHA1

1c5b81f97d0c8da5c766c8dbd89a3f8cef2cab72
SHA256

deb9a45983ea07c5ddbdcbd0254f9e4238425a1ee7c9d02997f3f0b9f902dd8e
SHA512

2bf3b12827119af529e0c712220790a6bac97839126b410922e5f02f98b0f80df3f6230c109501871e10560da8320fea8b2e02354b714b6c68971498ca2e770e
SSDEEP

6144:suaaWLv4KlbTUpFyIRXw1+bg/9TkVhBLdlsnKAIkrTHGxvh+N7l5znpbqm:ULv4K6FtO1+bZBgKABTPnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fe0e9e27f53ae4a72b600104bf4d325_JaffaCakes118

Files

3fe0e9e27f53ae4a72b600104bf4d325_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c16c22c9d395abf0ff9522587d325884

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetObjectType
GetObjectW
GetPixel
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
ModifyWorldTransform
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
PlayMetaFile
PlayMetaFileRecord
PolyBezierTo
PolyDraw
Polygon
PolylineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
GetObjectA
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
SetBkColor
SetBkMode
SetColorAdjustment
SetDIBColorTable
SetGraphicsMode
SetMapMode
SetMapperFlags
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocA
StretchBlt
TextOutA
GetMapMode
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExtTextOutA
ExtSelectClipRgn
ExtCreatePen
ExcludeClipRect
Escape
EnumMetaFile
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreatePatternBrush
CreateHatchBrush
CreateFontIndirectW
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateDIBPatternBrushPt
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileA
CombineRgn
BitBlt
SelectClipPath
ArcTo

advapi32

RegEnumKeyExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegSetValueExA
RegSetValueA
RegQueryValueExW
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyA
AdjustTokenPrivileges
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyA
RegCloseKey

ole32

StringFromCLSID
SetConvertStg
ReleaseStgMedium
ReadFmtUserTypeStg
ReadClassStg
OleDuplicateData
StringFromGUID2
CreateBindCtx
CoTreatAsClass
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject
CoCreateInstance
CLSIDFromString
WriteClassStg
CreateStreamOnHGlobal
WriteFmtUserTypeStg
OleRegGetUserType

user32

SystemParametersInfoW
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExA
SetWindowTextW
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
TabbedTextOutA
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetDlgItemTextA
SetDlgItemInt
SetCursor
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
ScrollWindowEx
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterWindowMessageA
TrackPopupMenu
TrackPopupMenuEx
TranslateMessage
WinHelpA
ValidateRect
UpdateWindow
UnregisterClassA
SetMenuItemBitmaps
UnhookWindowsHookEx
RegisterClassW
RegisterClassExW
RegisterClassA
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
OffsetRect
MoveWindow
ModifyMenuA
MessageBoxW
MessageBoxA
MapWindowPoints
LoadImageW
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
LoadBitmapA
KillTimer
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDlgButtonChecked
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuA
InflateRect
GrayStringA
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetNextDlgTabItem
GetMessageW
GetMessageTime
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoA
GetCapture
GetActiveWindow
FindWindowW
FillRect
ExitWindowsEx
EqualRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExA
DrawTextA
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefDlgProcW
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogIndirectParamA
CopyRect
ClientToScreen
CheckRadioButton
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperA
CharNextW
CharLowerW
CharLowerA
CallWindowProcW
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AppendMenuA
AdjustWindowRectEx
SendDlgItemMessageA

shell32

SHGetFileInfoA
SHGetSpecialFolderPathW
ShellExecuteW
ExtractIconA

comdlg32

ChooseFontW
GetFileTitleA

comctl32

ImageList_GetIconSize
ImageList_LoadImageW
ord17
_TrackMouseEvent
ImageList_Destroy
ImageList_Draw

oleaut32

VarR8FromStr
VarI4FromStr
VarDecFromStr
VarDecCmp
VarDateFromStr
VariantTimeToSystemTime
VariantInit
VariantCopy
VariantClear
VariantChangeType
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayCreate
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayUnlock
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarCyFromStr
VarUI4FromStr

winmm

PlaySoundW

wininet

InternetWriteFile
InternetSetStatusCallbackA
InternetSetOptionExA
InternetSetFilePointer
InternetSetCookieA
InternetReadFile
InternetQueryOptionA
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetFindNextFileA
InternetErrorDlg
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestExA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpEndRequestA
HttpAddRequestHeadersA
GopherOpenFileA
GopherGetAttributeA
GopherFindFirstFileA
GopherCreateLocatorA
FtpSetCurrentDirectoryA
FtpRenameFileA
FtpRemoveDirectoryA
FtpPutFileA
FtpOpenFileA
FtpGetFileA
FtpGetCurrentDirectoryA
FtpFindFirstFileA
FtpDeleteFileA
FtpCreateDirectoryA
FtpCommandA

shlwapi

PathStripToRootA
PathRemoveFileSpecW
PathRemoveExtensionA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathCombineW
PathCanonicalizeW
UrlUnescapeA

kernel32

WritePrivateProfileStringA
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnlockFile
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
lstrcmpA
GlobalGetAtomNameA
GlobalFree
GlobalFlags
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationW
GetVolumeInformationA
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatA
GetTickCount
GetThreadLocale
GetTempPathW
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeExW
GetStringTypeExA
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetShortPathNameA
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStringsA
GetDriveTypeA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetAtomNameA
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindVolumeClose
FindResourceW
FindResourceExW
FindResourceA
FindNextVolumeW
FindNextFileW
FindNextFileA
FindFirstVolumeW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FatalAppExitA
ExitThread
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesA
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexA
CreateFileMappingW
CreateFileA
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LeaveCriticalSection
LockResource
MapViewOfFileEx
MoveFileA
MoveFileExA
MulDiv
MultiByteToWideChar
OpenMutexA
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW
GlobalHandle
TlsGetValue
TlsSetValue
UnhandledExceptionFilter

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Exports

Exports

Long_FromLongLong
SimpleParseString
set_background
set_user_limits

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c16c22c9d395abf0ff9522587d325884

Headers

File Characteristics

Imports

gdi32

advapi32

ole32

user32

shell32

comdlg32

comctl32

oleaut32

winmm

wininet

shlwapi

kernel32

winspool.drv

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 270KB - Virtual size: 269KB

.data Size: 69KB - Virtual size: 69KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 270KB - Virtual size: 269KB

.data
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 4KB - Virtual size: 3KB