fcd75eed6426cb4871b4038741d192ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcd75eed6426cb4871b4038741d192ce_JaffaCakes118
Size

208KB
MD5

fcd75eed6426cb4871b4038741d192ce
SHA1

88bc5f9f2694c1543575607f013e4340bb458d21
SHA256

b8be10630a5dd7eb3383d03061ad4eb5421c2ca944ea6dd6b9bfe83b07f54dea
SHA512

bb00e42d898cd1f4a8c288a4f0a9417f6575734286bd36e74eea0253bca97dd50aa7228e95586de170412850997c21256905651ab0b56bc04927ffb32ed18faf
SSDEEP

3072:uYQx52we0TJUGEN0kQxrPe3iP1jbcThhhbdm0tqUqBOWJSWHdb:5Qx52lAxrWBThUXUq8W8W9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcd75eed6426cb4871b4038741d192ce_JaffaCakes118

Files

fcd75eed6426cb4871b4038741d192ce_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d4c4f87087418eb2407516acdcedbf30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileTime
GlobalFlags
WritePrivateProfileStringA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
RaiseException
SetStdHandle
GetFileType
ExitProcess
TerminateProcess
UnlockFile
HeapSize
GetTimeZoneInformation
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LockFile
FlushFileBuffers
ReadFile
CreateFileA
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
WaitForSingleObject
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
FormatMessageA
LocalAlloc
LocalFree
lstrcatA
lstrcpyA
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
GetShortPathNameA
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
SetFileAttributesA
DeleteFileA
GetModuleHandleA
GetProcAddress
GetFileAttributesA
CopyFileA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetFileSize
SetFilePointer
WriteFile
CloseHandle
IsBadReadPtr
CreateThread
SetThreadPriority
GetVersionExA
GetModuleFileNameA
SetLastError
VirtualAlloc
GetCurrentThread
SuspendThread
SetThreadContext
GetThreadContext
GetCurrentProcess
FlushInstructionCache
VirtualProtect
GetCurrentThreadId
InterlockedCompareExchange
VirtualQuery
ResumeThread
GetLastError

user32

DestroyMenu
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetSysColorBrush
SetFocus
ShowWindow
SetWindowPos
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetSystemMetrics
CharUpperA
wsprintfA
GetWindowTextA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
ValidateRect
LoadCursorA
GetWindowPlacement
LoadIconA
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
PostMessageA
PostQuitMessage
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
SendMessageA
EnumChildWindows
GetClassNameA
FindWindowExA
SetWindowLongA
CallWindowProcA
IsWindow
SetWindowTextA
CallNextHookEx
PtInRect

gdi32

GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

GetAce
RegGetKeySecurity
RegSetKeySecurity
LookupAccountNameA
GetLengthSid
InitializeSecurityDescriptor
InitializeAcl
RegDeleteKeyA
SetSecurityDescriptorDacl
RegCreateKeyA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

comctl32

ord17

ole32

CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

SysFreeString
VariantClear
VarUI4FromStr
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
SysStringLen
SysAllocStringLen

wininet

InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHDATA
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4c4f87087418eb2407516acdcedbf30

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 16KB - Virtual size: 32KB

.SHDATA Size: 4KB - Virtual size: 16B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 16KB - Virtual size: 32KB

.SHDATA
Size: 4KB - Virtual size: 16B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 20KB - Virtual size: 19KB