83dbdf9cfcf65a97e5addc7e824a6842_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

83dbdf9cfcf65a97e5addc7e824a6842_JaffaCakes118
Size

212KB
MD5

83dbdf9cfcf65a97e5addc7e824a6842
SHA1

57f12c651a41ac70d1521406ced6e66621927f23
SHA256

c94ae588cf0f1b4caa338dc307414f72e0e14bb77af55cf1a5bb2e0dc2d6d22b
SHA512

6106e8e58dbac1c21f4969bb7752d14900c7d360139dacb2a5efccb5754a4abcabccbe879938a65910083d102326c2cf06bd8f6499bc363ce780299f968eb6c7
SSDEEP

3072:qgoKB7CVxORpGbgFHQdXoczloK2cSmrSobZTFvs2M6JAb6slTYcG4zHkLnXwYyc4:jonV2ZFHQiwloK7NbL7MUVKYcEFK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83dbdf9cfcf65a97e5addc7e824a6842_JaffaCakes118

Files

83dbdf9cfcf65a97e5addc7e824a6842_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7c210442a422860d826d033c0189c447

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dui70

?_RecordSetValue@DUIXmlParser@DirectUI@@IAEJPAUIXmlReader@@PBG1@Z
?_UpdatePropertyInCache@Element@DirectUI@@AAEXPBUPropertyInfo@2@@Z
?_RecordSetValue@DUIXmlParser@DirectUI@@IAEJPAUIXmlReader@@PBG1@Z
?_RecordSetValue@DUIXmlParser@DirectUI@@IAEJPAUIXmlReader@@PBG1@Z
?_RecordSetValue@DUIXmlParser@DirectUI@@IAEJPAUIXmlReader@@PBG1@Z

advapi32

RegEnumValueA
RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

kernel32

FindNextFileA
DeleteFileA
FindFirstFileA
GetTempFileNameA
GetTempPathA
FreeLibrary
LoadLibraryA
UnmapViewOfFile
GetLastError
MapViewOfFile
CreateFileMappingA
GetFileSize
lstrcmpA
SetLastError
GetEnvironmentVariableA
SetFileAttributesA
lstrcatA
OpenEventA
WriteFile
CopyFileA
Sleep
GetVolumeInformationA
GetDriveTypeA
ExitProcess
SetFilePointer
ReadFile
GetModuleHandleA
GetModuleFileNameA
GetSystemTime
GetSystemDirectoryA
SetFileTime
GetLocalTime
GetPrivateProfileStringA
FindClose
GetWindowsDirectoryW
GetEnvironmentVariableW
GetComputerNameW
GetTimeZoneInformation
MultiByteToWideChar
lstrcatW
lstrlenW
GetComputerNameA
lstrcpyA
GetTickCount
FileTimeToSystemTime
GetWindowsDirectoryA
TerminateProcess
WaitForSingleObject
CreateDirectoryA
CreateMutexA
ReleaseMutex
OutputDebugStringA
GetFileTime
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeExA
CreateFileA
lstrlenA
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
GetTempPathW
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapFree
GetFileType
RaiseException
RtlUnwind
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCurrentThreadId
TlsAlloc
TlsFree
SetStdHandle
SetEndOfFile
SetHandleCount
GetStdHandle
GetStartupInfoA
FlushFileBuffers
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
LCMapStringA
LCMapStringW

ntdll

RtlAllocateHeap
RtlEnterCriticalSection
RtlLeaveCriticalSection
RtlExitUserThread
RtlReAllocateHeap
RtlSizeHeap
RtlInitializeCriticalSection
RtlDeleteCriticalSection
NtdllDefWindowProc_A

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

user32

wsprintfA
RegisterClassExA
CreateWindowExA
SendMessageA
CharLowerBuffA
wsprintfW
GetMessageA
TranslateMessage
DispatchMessageA

ws2

inet_ntoa
gethostbyname
WSAStartup
WSACleanup

msvcp60

?pbackfail@?$basic_filebuf@DU?$char_traits@D@std@@@std@@MAEHH@Z

Exports

Exports

AddAtomS
AddAtomT
Entry

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rc_it
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c210442a422860d826d033c0189c447

Headers

File Characteristics

Imports

dui70

advapi32

kernel32

ntdll

rpcrt4

user32

ws2

msvcp60

Exports

Exports

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 27KB - Virtual size: 27KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 10KB - Virtual size: 10KB

.rc_it Size: 4KB - Virtual size: 4KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 27KB - Virtual size: 27KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 10KB - Virtual size: 10KB

.rc_it
Size: 4KB - Virtual size: 4KB