06ec5e51616886fd868291fce1776c60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06ec5e51616886fd868291fce1776c60_JaffaCakes118
Size

144KB
MD5

06ec5e51616886fd868291fce1776c60
SHA1

d3b9057ff267c6ae830be49460a0651d64150b60
SHA256

b0567347d46f537a6637bf27cb1ea5d9d4a01d8a770101fd3b09211b9abf24b2
SHA512

19b5d91b02b2457eff61173cece7fe4327814d2c2cdc49e264b4bce5fbb160786c47086bff7a9b517b7adb2b34d8608a33272c6769382dbc2a92683fb3641ae1
SSDEEP

3072:wmjb5XVa+S9SU7XirRJUCWozriA6J0JWdivrntM0:Rb5FhS8kXyQCRqAPJeivrntM0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ec5e51616886fd868291fce1776c60_JaffaCakes118

Files

06ec5e51616886fd868291fce1776c60_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

fd57d9826dcf46942f207305970f9086

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

winmm

timeGetTime

rpcrt4

UuidToStringA

shlwapi

SHSetValueA
StrStrIA
SHGetValueA

user32

SetWindowPos
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
KillTimer
SetTimer
DefWindowProcA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
wsprintfA
SystemParametersInfoA

advapi32

CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExW
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegCloseKey
CryptAcquireContextA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateGuid
CoCreateInstance

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

wininet

InternetSetOptionA
HttpQueryInfoA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
toupper
strtok
??2@YAPAXI@Z
??0exception@@QAE@ABV0@@Z
isgraph
isxdigit
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
wctomb
malloc
__mb_cur_max
printf
strchr
strncpy
?what@exception@@UBEPBDXZ
wcslen
_stricmp
tolower
isspace
islower
strerror
isupper
ispunct
fclose
fwrite
fopen
tmpnam
atoi
free
strstr
isalnum
isalpha
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
wcscmp

kernel32

GetCurrentProcess
GetProcessTimes
lstrcmpA
lstrcmpiA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualAllocEx
WriteProcessMemory
GetThreadTimes
GetLocalTime
lstrcpynA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
Sleep
GetCurrentDirectoryA
GetEnvironmentVariableA
GetProcessHeap
HeapAlloc
GetCurrentThread
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetSystemInfo
CreateRemoteThread
GetCurrentProcessId
HeapSize
GetVersion
GetFullPathNameA
SetLastError
FormatMessageA
LocalFree
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
HeapFree
GetModuleHandleA
GetModuleFileNameA
GetVersionExA
QueryPerformanceCounter
lstrlenA
lstrcpyA
CreateFileA
SleepEx
OpenProcess
CloseHandle
GetTickCount
QueryPerformanceFrequency

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd57d9826dcf46942f207305970f9086

Headers

File Characteristics

Imports

psapi

winmm

rpcrt4

shlwapi

user32

advapi32

ole32

netapi32

version

oleaut32

wininet

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 23KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 23KB

.reloc
Size: 8KB - Virtual size: 6KB