40cf82910dad748f7dec42926d562f74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40cf82910dad748f7dec42926d562f74_JaffaCakes118
Size

500KB
MD5

40cf82910dad748f7dec42926d562f74
SHA1

f872c37f065a1fd912082f9f055a90ed43a7ed30
SHA256

7336f79c015f41469f821ec53e136f3f07464a23d01b40feb7ade8c2d64f0f75
SHA512

89c971565e86fca5f985de8c30b77106225882033138bf8437218933d738b0a8300f8670190de96754b6fb3b7adeaae25b050b0d1071169d318facad7dab0fcd
SSDEEP

12288:7ekckFCVjkXSouk8LiY2mT3ZWH6Ptz/BEd:7JsziYZ3ZWKzJE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40cf82910dad748f7dec42926d562f74_JaffaCakes118

Files

40cf82910dad748f7dec42926d562f74_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

685946a4012706209846c0a6fdf630a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHDeleteValueW
SHGetValueW

kernel32

GetPrivateProfileSectionA
FlushFileBuffers
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MoveFileExA
CallNamedPipeW
SetFileApisToANSI
OpenSemaphoreW
GetPrivateProfileSectionW
GetProfileSectionW
FindFirstChangeNotificationA
SetStdHandle
SetFileShortNameA
DeleteFileA
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GlobalSize
FindNextFileW
CreateEventW
InitAtomTable
CreateFileA
FatalAppExitA
GetProcessTimes
GetCurrentThread
VirtualUnlock
SetNamedPipeHandleState
EnumResourceLanguagesW
HeapSetInformation
VirtualQuery
GetCommConfig
InterlockedExchangeAdd
TlsSetValue
GetLastError
GetTimeZoneInformation
CancelIo
DefineDosDeviceA
GetDefaultCommConfigW
VirtualProtectEx
GetTapePosition
MapViewOfFileEx
PrepareTape
VirtualFreeEx
MapViewOfFile
GlobalFindAtomW
GetCommandLineW
GetThreadSelectorEntry
BuildCommDCBW
ClearCommBreak
FindFirstFileW
GetFileSize
FindResourceA
GetProcessPriorityBoost
ExitThread
GetCommModemStatus
GetProcessHeap
GetCommMask
EndUpdateResourceW
ExitProcess
LoadResource
PurgeComm
CommConfigDialogW
DebugBreak
GetProcessHeaps
GetDiskFreeSpaceA
GetComputerNameA
GetFileTime
GlobalAddAtomW
DefineDosDeviceW
IsSystemResumeAutomatic
SuspendThread
FindResourceW
GetTempFileNameW
LocalFree
FormatMessageA
CreateProcessW
GetStartupInfoW
CreateDirectoryA
LocalLock
GetVersion
FatalAppExitW
GetSystemPowerStatus
EscapeCommFunction
LockFileEx
GetThreadPriorityBoost
MoveFileW
GlobalDeleteAtom
FreeLibrary
GetLongPathNameW
SetFirmwareEnvironmentVariableW
FindNextChangeNotification
FindResourceExW
GetStdHandle
GetVolumeInformationW
AddAtomA
ContinueDebugEvent
EnumResourceTypesW
GetVolumeInformationA
FreeEnvironmentStringsW
VerifyVersionInfoW
SetFilePointer
GlobalFlags
FreeResource
GetTickCount
Sleep
OpenEventW
CreateNamedPipeW
DeviceIoControl
GetTapeParameters
GetProcessIoCounters
GlobalUnlock
ExpandEnvironmentStringsA
GetNamedPipeHandleStateW
GetPrivateProfileIntW
GetEnvironmentVariableW
RequestDeviceWakeup
CreateSemaphoreA
GetSystemTime
OpenMutexW
IsProcessorFeaturePresent
IsBadStringPtrA
CreateMailslotW
ReleaseMutex
HeapValidate
MoveFileExW
GetExitCodeProcess
lstrcmpiW
EnumResourceNamesW
CreateMutexW
SetComputerNameW
GetFullPathNameW
OutputDebugStringW
LocalHandle
GetBinaryTypeW
GlobalCompact
GetPrivateProfileSectionNamesA
GetCurrentDirectoryA
SetFileAttributesA
CreateFileMappingA
GetPrivateProfileStructW
GetProfileStringW
GlobalFix
LoadLibraryExW
HeapUnlock
DosDateTimeToFileTime
CloseHandle
GetProcessShutdownParameters
GetPriorityClass
GetSystemTimeAsFileTime
GetDevicePowerState
ResetWriteWatch
BuildCommDCBAndTimeoutsW
SetCommMask
CreateDirectoryW
FindResourceExA
FlushViewOfFile
GetSystemInfo
DeleteAtom
WaitCommEvent
GlobalReAlloc
LocalUnlock
GetNamedPipeHandleStateA
EraseTape
GetTempFileNameA
GetCurrentProcess
EnumResourceNamesA
SetProcessAffinityMask
GetPrivateProfileStringW
HeapReAlloc
InterlockedExchange
UnlockFileEx
SetFileTime
GetTempPathA
GlobalUnWire
SetSystemPowerState
lstrlenA
GlobalFindAtomA
GetBinaryTypeA
TerminateThread
ClearCommError
GlobalGetAtomNameW
GetVersionExA
GetCurrentProcessId
InterlockedDecrement
GetEnvironmentStringsW
DebugBreakProcess
GlobalUnfix
GetThreadPriority
BackupSeek
GetPrivateProfileSectionNamesW
GetProfileIntW
CreateFileMappingW
SetFileShortNameW
FindAtomW
LockResource
SetHandleCount
SetThreadPriority
SetLocalTime
ExpandEnvironmentStringsW
SizeofResource
SetUnhandledExceptionFilter
BeginUpdateResourceW
GlobalHandle
LocalFileTimeToFileTime
GetModuleHandleW
GetShortPathNameA
HeapLock
WritePrivateProfileStructA
GetCurrentThreadId
GetLocalTime
SetVolumeLabelW
HeapDestroy
GlobalGetAtomNameA
WriteFile
WritePrivateProfileStringW
SetProcessShutdownParameters
LoadLibraryExA
GetStartupInfoA
GlobalAlloc
IsBadWritePtr
lstrcmpA
lstrcpynW
CopyFileW
OpenMutexA
WinExec
SetTimeZoneInformation
CreateProcessA
HeapCompact
GetVersionExW
GetThreadTimes
CreateFileW
GetCommTimeouts
CommConfigDialogA
GetFileAttributesA
WaitForDebugEvent
LoadLibraryW
IsBadStringPtrW
GetQueuedCompletionStatus
lstrcmpiA
FindClose
FreeEnvironmentStringsA
GetShortPathNameW
ReleaseSemaphore
WriteTapemark
GetWriteWatch
GlobalFree
DebugActiveProcessStop
GetLogicalDriveStringsW
GetPrivateProfileStringA
GetDriveTypeW
RaiseException
FileTimeToDosDateTime
GetFileAttributesExW
WaitNamedPipeW
GetSystemDirectoryA
CreateRemoteThread
GetFileAttributesW
GetDriveTypeA
BuildCommDCBAndTimeoutsA
GetFileInformationByHandle
RemoveDirectoryW
FileTimeToLocalFileTime
GlobalAddAtomA
WritePrivateProfileStructW
Beep
SetCommConfig
OutputDebugStringA
GetCommProperties
GetProcessVersion
OpenFileMappingA
LocalReAlloc
OpenThread
HeapFree
LocalCompact
GetSystemDirectoryW
IsBadHugeReadPtr
PostQueuedCompletionStatus
GetProcessWorkingSetSize
WritePrivateProfileSectionA
lstrcatA
SetMessageWaitingIndicator
GetFirmwareEnvironmentVariableA
HeapCreate
GetAtomNameW
WaitNamedPipeA
GetProfileSectionA
EnumResourceTypesA
GetTapeStatus
WriteProfileStringW
GetNamedPipeInfo
GetEnvironmentVariableA
GetDefaultCommConfigA
LocalShrink
UpdateResourceA
GetDiskFreeSpaceExA
ConnectNamedPipe
FindFirstChangeNotificationW
CreateDirectoryExA
SetProcessPriorityBoost
GetCommandLineA
GetThreadContext
VirtualProtect
VirtualAlloc
InterlockedCompareExchange
ResumeThread
FlushInstructionCache
SetThreadContext
SetLastError
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
VirtualFree
WideCharToMultiByte
GetEnvironmentStrings
GetFileType
GetModuleFileNameA
HeapSize
GetModuleHandleA
HeapAlloc
InterlockedIncrement
TlsFree
TlsAlloc
TlsGetValue
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RtlUnwind

user32

OffsetRect
IntersectRect
InflateRect
ClientToScreen
GetWindowTextW
GetWindowLongW
CharUpperW
SetWindowLongW
GetClassNameA
GetClassNameW
SetWindowTextW
GetPropW
CreateDialogParamA
PostMessageW
SetActiveWindow
CreateDialogParamW
RemovePropW
GetParent
MoveWindow
GetClientRect
RealGetWindowClassA
GetDlgItem
PeekMessageW
GetPropA
RealGetWindowClassW
GetWindowLongA
SendMessageA
DispatchMessageW
SetPropA
DestroyWindow
SetWindowLongA
RemovePropA
SendMessageW
MsgWaitForMultipleObjects
SetPropW
BringWindowToTop
EnumChildWindows
CharLowerW
TranslateMessage
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId

oleaut32

VarCmp
VariantCopy
SysAllocString
SysStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType

Exports

Exports

DllAction
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

685946a4012706209846c0a6fdf630a6

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 378KB - Virtual size: 377KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 27KB

.rsrc Size: 1024B - Virtual size: 876B

.reloc Size: 77KB - Virtual size: 77KB

.text
Size: 378KB - Virtual size: 377KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 27KB

.rsrc
Size: 1024B - Virtual size: 876B

.reloc
Size: 77KB - Virtual size: 77KB