3c0b12bef10b6c6fbc6d4f613fef7fd3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c0b12bef10b6c6fbc6d4f613fef7fd3_JaffaCakes118
Size

111KB
MD5

3c0b12bef10b6c6fbc6d4f613fef7fd3
SHA1

305538c547f30b281ef2ba51757db13c4c45505e
SHA256

aaaae75e9d5bf2ac2b1c39cb9b901a37401d666a67984941400a2960cbf66031
SHA512

12dcf6d1cb8af42a758c7aee21c724f5a2d6b873f7fb92f52674c42347a65ae5e6388cb036bf0b492971e6075d6644a4b8cfa49359b24416ee34ae7ec87f3bf2
SSDEEP

3072:apcXZsqaYCmcXZaYwSPMwhcEEUOFFgLfUlRy1ByL:qMKFOFqrUl8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c0b12bef10b6c6fbc6d4f613fef7fd3_JaffaCakes118

Files

3c0b12bef10b6c6fbc6d4f613fef7fd3_JaffaCakes118
.dll regsvr32 windows:6 windows x64 arch:x64

092cdf5979cf1ea385924efa32ebe26d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msctfui.pdb

Imports

msvcrt

memset
__C_specific_handler
memmove
_XcptFilter
_initterm
malloc
free
_amsg_exit
memcpy
sqrt

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

kernel32

LocalReAlloc
DeactivateActCtx
ActivateActCtx
ReleaseActCtx
CreateActCtxW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
Sleep
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcAddress
LoadLibraryExW
LocalFree
LocalAlloc
GetSystemDirectoryW
lstrlenW
GetACP
lstrcmpW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection

user32

IsWindow
InvalidateRect
DefWindowProcW
PtInRect
ReleaseDC
AnimateWindow
GetWindowLongPtrW
ShowWindow
ScreenToClient
GetWindowRect
GetSystemMetrics
DestroyIcon
SendMessageW
KillTimer
GetCaretBlinkTime
SetTimer
GetClientRect
CreateWindowExW
RegisterClassExW
GetClassInfoExW
LoadCursorW
EndPaint
DrawTextExW
SystemParametersInfoW
GetDoubleClickTime
IntersectRect
DrawEdge
FillRect
InflateRect
DrawIconEx
GetIconInfo
GetCursorPos
SetCursor
ClientToScreen
SetRect
GetMessagePos
SetCapture
ReleaseCapture
GetWindowLongW
AdjustWindowRectEx
WindowFromPoint
FrameRect
UpdateLayeredWindow
GetMonitorInfoW
MonitorFromRect
MonitorFromPoint
DrawStateW
SetLayeredWindowAttributes
SetWindowRgn
GetKeyState
GetCursor
SetWindowLongW
BeginPaint
GetSysColor
SetWindowLongPtrW
IsWindowVisible
LoadStringW
OffsetRect
DestroyWindow
MoveWindow
SetWindowPos
GetParent
LoadImageW
GetDC

gdi32

CreateCompatibleDC
BitBlt
Polyline
LineTo
MoveToEx
SetBkColor
SetTextColor
PatBlt
ExtCreatePen
CreateFontIndirectW
GetObjectW
DeleteObject
GetStockObject
SelectObject
GetDeviceCaps
SetLayout
CreateBrushIndirect
CreateBitmap
CreateSolidBrush
CreateFontW
CreatePen
SetViewportOrgEx
CreateDIBSection
GetDIBits
GetTextColor
SetBkMode
CreateCompatibleBitmap
DeleteDC
GetTextExtentPointA
GetTextExtentPoint32W
SetTextAlign
GetTextAlign
GetCurrentObject
ExtTextOutW
ExtTextOutA

advapi32

RegEnumKeyExW
RegDeleteKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegOpenCurrentUser
RegCloseKey

msctf

TF_CreateDisplayAttributeMgr
TF_CreateCategoryMgr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

092cdf5979cf1ea385924efa32ebe26d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

kernel32

user32

gdi32

advapi32

msctf

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 4KB - Virtual size: 3KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 91KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB