060f026b087d5a7e2de305f8fa20f24c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

060f026b087d5a7e2de305f8fa20f24c_JaffaCakes118
Size

140KB
MD5

060f026b087d5a7e2de305f8fa20f24c
SHA1

a36d3c3bbc38bffd82687dab44b0a9228eb65ca1
SHA256

0c99020539c6fedab6e98d94207d68de55c4e80bfe705b5646267825d4306fe0
SHA512

10c30d86650df7d21f07f37166a2487a1555c9d0e27bd6bdce39e9f783d90d6a57f2ea157070dc535a891ac0f3ad76d1e19973483f4e335e4f89c89440959ff1
SSDEEP

3072:36oXR7L4eF2wTyrtKIrdEI5P5iJw/JE6Mt:36oXNnDTyNxx/K6Mt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
060f026b087d5a7e2de305f8fa20f24c_JaffaCakes118

Files

060f026b087d5a7e2de305f8fa20f24c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

bb38951fb2d64526c2b32e9f05af6d8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

netapi32

Netbios

psapi

EnumProcessModules
GetModuleBaseNameA
EnumProcesses

rpcrt4

UuidToStringA

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
atoi
tmpnam
fopen
fwrite
fclose
strstr
strtok
toupper
_stricmp
malloc
free
wcscmp
wcslen
?what@exception@@UBEPBDXZ
isupper
tolower
isspace
isgraph
isalnum
islower
isxdigit
ispunct
strerror
strncpy
strchr
isalpha
??2@YAPAXI@Z
??1exception@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler
__mb_cur_max
wctomb
printf
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z

shlwapi

SHGetValueA
StrStrIA
SHSetValueA

winmm

timeGetTime

advapi32

CryptReleaseContext
CryptAcquireContextA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptGenRandom

wininet

InternetOpenA
InternetSetOptionA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA

oleaut32

SysFreeString
GetErrorInfo
SysAllocString
VariantClear

user32

GetWindowThreadProcessId
EnumChildWindows
EnumWindows
wsprintfA
GetClassNameA
CloseClipboard
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetWindowPos
DefWindowProcA
SystemParametersInfoA
OpenClipboard
SetTimer

ole32

CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoCreateGuid

kernel32

GetSystemInfo
Sleep
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
HeapSize
HeapAlloc
GetLastError
SetLastError
GetModuleFileNameA
InterlockedExchange
GetFullPathNameA
lstrcpyA
GetLocalTime
SleepEx
FreeEnvironmentStringsA
GetEnvironmentStrings
GetModuleHandleA
lstrcmpiA
lstrcmpA
GetProcessTimes
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetThreadTimes
GetCurrentThread
LocalFree
FormatMessageA
MultiByteToWideChar
lstrcpynA
CloseHandle
CreateFileA
OpenProcess
MoveFileExA
WaitForSingleObject
GetVersionExA
GetSystemDirectoryA
GetWindowsDirectoryA
GetProcessHeap
GetEnvironmentVariableA
GetCurrentDirectoryA
lstrlenA
GetVersion
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcessId
HeapFree
CreateProcessA
DeleteFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb38951fb2d64526c2b32e9f05af6d8c

Headers

File Characteristics

Imports

version

netapi32

psapi

rpcrt4

msvcrt

shlwapi

winmm

advapi32

wininet

oleaut32

user32

ole32

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB