JaffaCakes118_458c2a91b614f82bf3959e22a15de680

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_458c2a91b614f82bf3959e22a15de680
Size

420KB
MD5

458c2a91b614f82bf3959e22a15de680
SHA1

37461e8d260ae14c0a4dc459fe10bee4ff24a8dd
SHA256

9e1251e4d0fa1234489cf5cedda38eed70b809efef6e34a81e7238f8c9e5824d
SHA512

1ce65d626c55b82d5e4a7635aa3bc6924fa0bf3d3ddb4dbe9702fbf8f02c3a15ab480a73b5f90090abdaa5756c925830321a9a98990722f7c7ee72e741b471e6
SSDEEP

6144:x6YI4ud53eGWtV7BH4Uc7zsbU10Ie4JoDQxCh2FOMQ:TqeER7zeTIeOoMre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_458c2a91b614f82bf3959e22a15de680

Files

JaffaCakes118_458c2a91b614f82bf3959e22a15de680
.dll regsvr32 windows:5 windows x86 arch:x86

9323d4c4732fecd8d35ca825cee9991e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ThemeUI.pdb

Imports

msvcrt

_except_handler3
_vsnwprintf
_vsnprintf
atoi
_wcsnicmp
_adjust_fdiv
malloc
_initterm
free
wcstombs
_itow
wcslen
_ftol

kernel32

ExpandEnvironmentStringsW
CopyFileW
ProcessIdToSessionId
GetCurrentProcessId
InterlockedExchange
GetCurrentThreadId
GetModuleHandleW
lstrlenA
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
WriteFile
InterlockedCompareExchange
LoadLibraryA
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetPrivateProfileIntW
FormatMessageW
WinExec
GetWindowsDirectoryW
GetSystemDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetShortPathNameW
GetLongPathNameW
CreateThread
WaitForSingleObject
FreeLibraryAndExitThread
WritePrivateProfileStringW
LoadLibraryExW
FreeResource
WriteProfileStringW
lstrcmpW
GetPrivateProfileStringW
GetTempPathW
GetSystemDefaultLCID
GetUserDefaultLCID
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
CreateFileW
ReadFile
SetFilePointer
MultiByteToWideChar
CreateProcessW
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
CloseHandle
DeleteFileW
GlobalMemoryStatus
GetProcAddress
GetModuleFileNameW
GlobalAlloc
IsDebuggerPresent
FreeLibrary
LoadLibraryW
LocalAlloc
GetTickCount
LocalFree
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenW
MulDiv
GetModuleHandleA
lstrcpynW
DelayLoadFailureHook
GetVersionExA

gdi32

GetNearestPaletteIndex
GetObjectType
SetTextAlign
ExtTextOutW
GetTextExtentPointW
BeginPath
EndPath
CreatePen
StrokePath
PathToRegion
GetPixel
ExtFloodFill
SetMagicColors
CreatePatternBrush
CreateHalftonePalette
IntersectClipRect
SetStretchBltMode
StretchBlt
SelectClipRgn
GetDIBColorTable
CreateBitmap
SaveDC
GetTextColor
SetBkColor
RestoreDC
TranslateCharsetInfo
TextOutW
EnumFontFamiliesW
CreateDIBSection
CreateCompatibleBitmap
SetLayout
CreateCompatibleDC
BitBlt
SetTextColor
SetBkMode
DeleteDC
CreateSolidBrush
GetObjectW
GetTextMetricsW
SelectPalette
RealizePalette
PatBlt
EnumFontFamiliesExW
GetTextExtentPoint32W
SelectObject
GetDeviceCaps
GetPaletteEntries
CreatePalette
DeleteObject
CreateFontIndirectW
SetPaletteEntries
GetStockObject
GetNearestColor

user32

CharNextW
DrawIconEx
EnumChildWindows
SendNotifyMessageW
LoadIconW
UnionRect
AlignRects
SetWindowRgn
GetCursorPos
GetAsyncKeyState
GetMessagePos
GetMessageTime
GetDoubleClickTime
SetRect
IntersectRect
GetKeyState
SetCursorPos
BringWindowToTop
SetMenuDefaultItem
IsWindowEnabled
CheckMenuItem
TrackPopupMenu
IsCharUpperW
IsRectEmpty
ClientToScreen
SystemParametersInfoA
PostThreadMessageW
EnumDisplaySettingsExW
CharUpperBuffW
GetDlgItemInt
SendMessageTimeoutW
EndTask
CallWindowProcW
RedrawWindow
GetFocus
FindWindowW
RegisterWindowMessageW
LoadBitmapW
IsWindow
DrawIcon
SetSysColorsTemp
DrawCaptionTempW
DrawFrameControl
GetDesktopWindow
DrawMenuBarTemp
GetSubMenu
CharLowerW
DestroyIcon
DestroyMenu
LoadMenuW
EnableMenuItem
PtInRect
WaitForInputIdle
MessageBoxW
GetClassInfoW
RegisterClassW
GetDlgCtrlID
GetCapture
ChangeDisplaySettingsW
SetRectEmpty
EnumDisplayDevicesW
ChangeDisplaySettingsExW
RegisterClipboardFormatW
CharUpperW
SetWindowTextW
SystemParametersInfoW
SetForegroundWindow
LoadImageW
GetMessageW
RegisterClassExW
SetTimer
KillTimer
GetSystemMetrics
UnregisterClassW
BeginPaint
LoadStringA
CopyRect
DrawTextW
EndPaint
MonitorFromPoint
SetFocus
ShowCursor
ReleaseCapture
SetCapture
ShowWindow
GetDlgItemTextW
MoveWindow
DrawTextExW
SetWindowPos
AdjustWindowRect
MonitorFromRect
GetMonitorInfoW
ChildWindowFromPoint
IsWindowVisible
LoadCursorW
SetCursor
GetSysColor
SetSysColors
MapWindowPoints
DestroyWindow
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
GetParent
PostMessageW
GetWindowLongW
SetWindowLongW
DefWindowProcW
WinHelpW
EndDialog
IsDlgButtonChecked
GetWindowTextW
GetClientRect
LoadStringW
GetWindow
SetDlgItemTextW
SetDlgItemInt
DrawEdge
OffsetRect
FillRect
InflateRect
DrawFocusRect
FrameRect
GetSysColorBrush
InvalidateRect
UpdateWindow
SendDlgItemMessageW
CheckDlgButton
EnableWindow
GetDC
ReleaseDC
GetDlgItem
SendMessageW
GetWindowRect
GetWindowLongA
CreateWindowExW
DialogBoxParamW

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueW
RegEnumValueW
RegOpenKeyExA
RegQueryValueExA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

secur32

GetUserNameExW

msimg32

TransparentBlt

shlwapi

ord175
ord217
ord534
ord508
PathCommonPrefixW
StrStrIW
SHGetValueW
ord439
ord346
PathRemoveExtensionW
PathIsRelativeW
ord466
ord295
ord294
PathIsFileSpecW
StrChrW
PathRemoveBlanksW
ord464
PathRemoveFileSpecW
SHRegGetPathW
ord165
StrDupW
PathQuoteSpacesW
wvnsprintfW
ord191
SHRegSetUSValueW
SHRegSetPathW
ord507
ord260
PathUnExpandEnvStringsW
ord193
PathParseIconLocationW
ord271
StrToIntExW
SHRegGetUSValueW
PathFindFileNameW
StrStrW
SHSetValueW
ord460
ord437
ord16
ord24
PathFileExistsW
ord499
SHRegGetBoolUSValueW
ord172
ord494
SHDeleteKeyW
ord497
ord487
ord495
StrCmpW
StrCmpNIW
PathAppendW
StrCmpIW
ord199
ord174
ord496
StrToIntW
ord219
ord353
ord80
StrCatBuffW
wnsprintfW
PathFindExtensionW

shell32

SHCreateDirectoryExW
SHGetFolderPathW
SHChangeNotify
ord194
ord167
ord169
ord182
SHFileOperationW
ord258
ord259
ShellExecuteExW
ord74
ord100
SHGetSpecialFolderPathW
ExtractIconW
ShellExecuteW
ExtractIconExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9323d4c4732fecd8d35ca825cee9991e

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

advapi32

ole32

secur32

msimg32

shlwapi

shell32

Exports

Exports

Sections

.text Size: 218KB - Virtual size: 218KB

.data Size: 3KB - Virtual size: 70KB

.rsrc Size: 125KB - Virtual size: 125KB

.reloc Size: 15KB - Virtual size: 14KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 218KB - Virtual size: 218KB

.data
Size: 3KB - Virtual size: 70KB

.rsrc
Size: 125KB - Virtual size: 125KB

.reloc
Size: 15KB - Virtual size: 14KB

.rmnet
Size: 56KB - Virtual size: 60KB