07c766706652882e3432cd6e84834d1a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

07c766706652882e3432cd6e84834d1a_JaffaCakes118
Size

92KB
MD5

07c766706652882e3432cd6e84834d1a
SHA1

5e264b8a4425a5ecefda4c8c39d94d9161550007
SHA256

198091a2280bb81765acedbd702192b90044ee5c99a25798b6618aa556d51068
SHA512

83b7b397621bd435012946bc9c5181ca07d3eb7c36641c63c437752398b52fef0c70e1c3407071f6708a59c11ea25cfde86933451b7de0a0de30b647094f1433
SSDEEP

1536:3x8JT0Q+pPHNFdctJHgahI4Z+kqrWat1pd4m6np7qDio/OWmFjesl:B8JTaFYHd3+kqpLd4m6p7qDio/OW/sl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c766706652882e3432cd6e84834d1a_JaffaCakes118

Files

07c766706652882e3432cd6e84834d1a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

504473cadacbb94ca4f22908bd68a1f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CreateEventW
CloseHandle
SetThreadPriority
ResetEvent
SetEvent
WaitForSingleObject
ResumeThread
TerminateThread
CreateThread
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
InterlockedDecrement
lstrlenW
lstrcpynW
InterlockedIncrement
lstrcmpW
LeaveCriticalSection
GetCurrentThreadId
FreeLibrary
GetVersionExW
DisableThreadLibraryCalls
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
InterlockedExchange
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
GetVersionExA
RaiseException
TryEnterCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapAlloc
HeapDestroy
GetCurrentProcess
IsDebuggerPresent
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter

user32

UnregisterClassA

advapi32

RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW

ole32

CoFreeUnusedLibraries
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysFreeString

shlwapi

UrlGetPartW

wininet

InternetCloseHandle
HttpOpenRequestW
InternetReadFile
HttpQueryInfoW
InternetSetOptionW
HttpAddRequestHeadersW
HttpSendRequestW
InternetCrackUrlW
InternetConnectW
InternetOpenW

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

_decode_pointer
_encoded_null
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_initterm
_except_handler4_common
_onexit
_lock
__dllonexit
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
wcslen
memcpy_s
memmove_s
memset
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
_unlock
_wtoi
??2@YAPAXI@Z
_invalid_parameter_noinfo
memcpy
??_V@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
_vscwprintf
vswprintf_s
?what@exception@std@@UBEPBDXZ
memcmp
wcscmp
_purecall
abs
__CxxFrameHandler3
_vsnwprintf_s
free
?terminate@@YAXXZ
_encode_pointer
_malloc_crt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

504473cadacbb94ca4f22908bd68a1f0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

wininet

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 428B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 428B

.reloc
Size: 8KB - Virtual size: 5KB