JaffaCakes118_c9c27a0281b53d47e7d2d0f33461998cc56eb9a3c55a4c2bf7ecb10f5fadae1f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_c9c27a0281b53d47e7d2d0f33461998cc56eb9a3c55a4c2bf7ecb10f5fadae1f
Size

413KB
MD5

ea215551ed37075bd16e88e417f3c0f5
SHA1

e67b1a8504809a622993e8e827dad23cacf8c189
SHA256

c9c27a0281b53d47e7d2d0f33461998cc56eb9a3c55a4c2bf7ecb10f5fadae1f
SHA512

7308e12b2a8187b59f69ee0338b22638c3d71df1d65c98b743cd186646f2fdeb12d66ec92efd1ebce3b290fd32d626114cd9c696f11d866aeebe484d6406eff6
SSDEEP

6144:YvXnRXTk2vOUWei6qAvVyFuYpjhBd8hnwfFFg+mkTNHS19aGP6bmhQ79xB2G+U:YvXRXn5ilWibdmqm8yDaGthQ7972G+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1f0d7f3144ba0d50374f61c941f5a94e

Files

JaffaCakes118_c9c27a0281b53d47e7d2d0f33461998cc56eb9a3c55a4c2bf7ecb10f5fadae1f
.zip

Password: infected
1f0d7f3144ba0d50374f61c941f5a94e
.dll windows:4 windows x86 arch:x86

25a3bf96f64b55a69d3aaf04f6c99acc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadWritePtr
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
GetTickCount
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
GetCurrentThread
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcmpA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
lstrcpynA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
FindResourceA
LoadResource
LockResource
SizeofResource
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
LoadLibraryW
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeA
InterlockedExchange

user32

RemoveMenu
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
GetDC
ReleaseDC
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
CopyAcceleratorTableA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
InsertMenuA
PtInRect
RegisterWindowMessageA
wsprintfA
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
GetClassInfoA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
DestroyIcon
FillRect
LockWindowUpdate
GetDCEx
WindowFromPoint
GetSysColorBrush
GetMenuItemInfoA
InflateRect
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
ShowWindow
GetWindowLongA
GetMenuStringA
RegisterClipboardFormatA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SendMessageA
TranslateAcceleratorA
CharUpperA
EnableWindow
UpdateWindow
GetTabbedTextExtentA
PostThreadMessageA
GetSystemMetrics
CreateMenu
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
DrawIcon
FindWindowA
EndDialog
LoadCursorA
DestroyCursor
SetRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
UnregisterClassA
GetNextDlgTabItem

gdi32

SetAbortProc
AbortDoc
EndDoc
CreateEllipticRgn
LPtoDP
Ellipse
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
EndPage
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
CreatePatternBrush
CreateSolidBrush
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetBkColor
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetWindowOrgEx
StartPage
StartDocA
GetStockObject
PatBlt
Rectangle
DPtoLP
GetViewportOrgEx
CreatePen
CreateDCA
GetDeviceCaps
CreateFontA
GetCharWidthA
DeleteObject
StretchDIBits
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SetViewportExtEx
CreateCompatibleBitmap
CreateCompatibleDC

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
CommDlgExtendedError
PrintDlgA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA

advapi32

GetFileSecurityA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey
SetFileSecurityA

shell32

DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragAcceptFiles

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

Exports

Exports

DllRegisterServer1

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

25a3bf96f64b55a69d3aaf04f6c99acc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

Exports

Exports

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 232KB - Virtual size: 231KB

.reloc Size: 52KB - Virtual size: 48KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 232KB - Virtual size: 231KB

.reloc
Size: 52KB - Virtual size: 48KB