f3812d25e87e23bba69f3e22fb9d44ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3812d25e87e23bba69f3e22fb9d44ea_JaffaCakes118
Size

125KB
MD5

f3812d25e87e23bba69f3e22fb9d44ea
SHA1

83e458542fb8f16656dd9d47cd615ff3fd12bbca
SHA256

0432b262d1c6639ab232cd7f438b76b279038aa0c8d0698d0d6d68d9c68b7b23
SHA512

746c090bb3e5d57eba244f6ef3d163af8f4a3582cf7d79a5d87ad1afb99e511be69d9f2de497299c28d1f9a85cb6df18576efd928357c64794b0ff32a1c4792a
SSDEEP

1536:YsLfzdYn2q/qL7dmFc0LSff/yV/Wna7yvu2g9X0P91RUNtK47q836SgkFwhAow:v7BMlQ7dmZ+f8T7yvEM16Ng47KwFR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3812d25e87e23bba69f3e22fb9d44ea_JaffaCakes118

Files

f3812d25e87e23bba69f3e22fb9d44ea_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

778f01f0d41d09fe2cab7ef6f52b9f57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dhtmled.pdb

Imports

msvcrt

wcscpy
realloc
malloc
_wcsicmp
_wcsnicmp
_wcslwr
wcsncmp
free
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
wcscat
_wcsrev
wcslen
wcscmp
wcschr
_itow
wcsncpy
vswprintf
_itoa
wcstok
_initterm
_adjust_fdiv

urlmon

URLOpenBlockingStreamW
URLOpenBlockingStreamA
CoInternetCreateSecurityManager
CreateURLMoniker
CoInternetCombineUrl
CoInternetParseUrl
CoInternetGetSession

wininet

InternetCloseHandle
InternetOpenA
InternetOpenW
InternetOpenUrlA
InternetOpenUrlW
InternetCreateUrlA
InternetCreateUrlW
InternetCrackUrlA
InternetCrackUrlW
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
InternetReadFile

oleaut32

DispGetParam
VariantInit
SysAllocString
SysFreeString
SafeArrayCopy
VariantClear
SafeArrayDestroy
SafeArrayPutElement
VariantChangeType
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreateVector
SysStringLen
SysReAllocString
VariantCopy
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
SysAllocStringLen
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarI4FromStr
SafeArrayCreate
VariantCopyInd
OleCreatePropertyFrame

ole32

CoTaskMemRealloc
GetHGlobalFromStream
OleRun
CreateBindCtx
ReleaseStgMedium
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
OleLoadFromStream
CreateStreamOnHGlobal
WriteClassStm
OleSaveToStream

kernel32

GetLastError
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
CloseHandle
DisableThreadLibraryCalls
HeapDestroy
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
SizeofResource
LoadResource
GetFileSize
WriteFile
IsValidCodePage
GlobalFree
ReadFile
GetVersionExA
lstrcmpiA
CreateFileA
CreateFileW
FindResourceA
FindResourceW
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
lstrcmpiW
lstrcpynW
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
VirtualFree

gdi32

RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CloseMetaFile
DeleteMetaFile
CreateMetaFileW
CreateMetaFileA
CreateDCW
CreateDCA
LPtoDP
SetMapMode
SetViewportOrgEx
GetDeviceCaps
CreateRectRgnIndirect
GetStockObject
Rectangle
DeleteDC

user32

wvsprintfW
CharNextW
PtInRect
UnionRect
ShowWindow
DestroyWindow
FillRect
DestroyMenu
TrackPopupMenu
CreatePopupMenu
ScreenToClient
IsWindow
GetClientRect
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
BeginPaint
ReleaseDC
GetDC
GetParent
GetClassInfoExW
SetFocus
InvalidateRect
SetParent
GetKeyState
GetFocus
AppendMenuA
AppendMenuW
CallWindowProcA
CallWindowProcW
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
GetWindowLongA
GetWindowLongW
LoadCursorA
LoadCursorW
PostMessageA
PostMessageW
RegisterClassExA
RegisterClassExW
SetWindowLongA
SetWindowLongW

comdlg32

GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameA
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

778f01f0d41d09fe2cab7ef6f52b9f57

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

urlmon

wininet

oleaut32

ole32

kernel32

gdi32

user32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 94KB - Virtual size: 93KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 7KB - Virtual size: 7KB