ec863f49c79cf456fd304a90f28f178d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec863f49c79cf456fd304a90f28f178d_JaffaCakes118
Size

188KB
MD5

ec863f49c79cf456fd304a90f28f178d
SHA1

f99b5b86713da54069bfabad506a8e48a6356145
SHA256

e55f422150ef05c4098b5b8d84c77d41db48311b8c5a51ca1658e2db846dfbba
SHA512

79eab7bba675a0ade8ebea538d4c0d0ca02fcb934cc28fe760ce6c3786f7ef237d689a4ccc2563dd132137ff6dab576126d2d49a3161fc5e3013a872ed0c7292
SSDEEP

3072:IFVHlI42ZPnjqf6nJeLDCRvknXTe0wkzfI1JkhQKbUBXjxA+yZ:ILHK4KPLnJe3cknjnwkzzhQEU5j++

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec863f49c79cf456fd304a90f28f178d_JaffaCakes118

Files

ec863f49c79cf456fd304a90f28f178d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

01089c7676b3839e03fca815cd7d885e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

GetErrorInfo
VariantClear
SysAllocString
SysFreeString

winmm

timeGetTime

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

netapi32

Netbios

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

msvcrt

islower
wcslen
?what@exception@@UBEPBDXZ
wcscmp
isalnum
isxdigit
toupper
strtok
strstr
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
isupper
??2@YAPAXI@Z
__mb_cur_max
srand
isspace
strtol
atoi
tmpnam
fopen
fwrite
fclose
free
isgraph
strncpy
strchr
printf
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
malloc
tolower
??0exception@@QAE@ABV0@@Z
ispunct
strerror
__CxxFrameHandler
??3@YAXPAX@Z
isalpha
wctomb

rpcrt4

UuidToStringA

wininet

InternetOpenA
InternetSetOptionA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

user32

wsprintfA
RegisterClassExA
CreateWindowExA
ShowWindow
DefWindowProcA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
SetTimer
KillTimer
EnumChildWindows
EnumWindows
GetWindowThreadProcessId
GetClassNameA
SetWindowPos
SystemParametersInfoA
GetMessageA

kernel32

GetCurrentDirectoryA
HeapFree
MultiByteToWideChar
Sleep
GetCurrentProcess
GetProcessTimes
GetCurrentThread
GetThreadTimes
CreateFileA
GetCurrentProcessId
GetSystemInfo
SleepEx
GetModuleHandleA
GetLocalTime
DeleteFileA
CreateProcessA
GetTickCount
QueryPerformanceCounter
WaitForSingleObject
MoveFileExA
LoadLibraryA
OpenProcess
QueryPerformanceFrequency
lstrcpyA
lstrlenA
GetVersionExA
GetEnvironmentVariableA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetLastError
LocalFree
FormatMessageA
GetWindowsDirectoryA
HeapSize
HeapAlloc
GetVersion
GetProcessHeap
SetLastError
GetModuleFileNameA
InterlockedExchange
GetFullPathNameA
lstrcpynA
lstrcmpiA
lstrcmpA
FreeLibrary
CloseHandle
CreateRemoteThread
WriteProcessMemory
GetSystemDirectoryA
GetProcAddress
VirtualAllocEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01089c7676b3839e03fca815cd7d885e

Headers

File Characteristics

Imports

advapi32

version

oleaut32

winmm

ole32

shlwapi

netapi32

psapi

msvcrt

rpcrt4

wininet

user32

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 24KB - Virtual size: 25KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 24KB - Virtual size: 25KB

.reloc
Size: 12KB - Virtual size: 9KB