e2a6b2b5d08dab8fe70be9ca6c1d8c2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e2a6b2b5d08dab8fe70be9ca6c1d8c2d_JaffaCakes118
Size

128KB
MD5

e2a6b2b5d08dab8fe70be9ca6c1d8c2d
SHA1

ad1bca391a945ad699e6586de6ea5a73042e4885
SHA256

b5fd515722d7afb3b98a16da19d1bbdbcd6b77fe831e2b0c8e4a299adeba2cb5
SHA512

01ddb2a9e1e0b0d82657f31ac73d6168965b7c4409b0420f75a4d7e0809b55c1a6e79aeb3156b4ec41f1d68e3deddf12623b9c68bc68ac0f3f261ab93029a480
SSDEEP

3072:BGEMgf2NG9CK28gdPLX7MmXDTojro+1S:BGHG9s8g9L7MmTwrE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2a6b2b5d08dab8fe70be9ca6c1d8c2d_JaffaCakes118

Files

e2a6b2b5d08dab8fe70be9ca6c1d8c2d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f571691000a3a36c41c698abffde22da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCombineUrlA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryDataAvailable
HttpQueryInfoA
InternetReadFile

urlmon

URLDownloadToFileA

kernel32

GetLastError
lstrlenA
InterlockedIncrement
GetModuleFileNameA
GetWindowsDirectoryA
InterlockedDecrement
SetFileTime
CreateFileA
GetFileTime
OpenFile
GetVersionExA
CloseHandle
DeviceIoControl
SetPriorityClass
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemTime
DisableThreadLibraryCalls
InitializeCriticalSection
lstrlenW
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
WriteFile
DebugBreak
OutputDebugStringA
LCMapStringW
LCMapStringA
GetEnvironmentStrings
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
SetHandleCount
SetFilePointer
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
FlushFileBuffers
SetEndOfFile
SetStdHandle
GetEnvironmentStringsW
GetStartupInfoA
GetFileType
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetStringTypeW
RtlUnwind
GetTimeZoneInformation
GetLocalTime
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
ReadFile
FreeEnvironmentStringsA
TerminateProcess
GetStdHandle
GetStringTypeA
TlsGetValue
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
ExitProcess
GetCPInfo
GetACP
GetOEMCP

user32

CharLowerA
MessageBoxA
LoadStringA
CharNextA
wvsprintfA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f571691000a3a36c41c698abffde22da

Headers

File Characteristics

Imports

wininet

urlmon

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 26KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 26KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 7KB