08c5bc25197f41ad717c48d8cc07ad2b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08c5bc25197f41ad717c48d8cc07ad2b_JaffaCakes118
Size

496KB
MD5

08c5bc25197f41ad717c48d8cc07ad2b
SHA1

dffe19d4baf146b0cf1258db0b93fcef51468392
SHA256

4cb3a9678615094cd55a74cd233a3a4275b4f6e138d287b49105b6b44edbc6db
SHA512

d563b519a89407e8c09be24fe0c0eab280606634f84945db6fb426c5e88446ddc6e55b10eab65f5943937a828cb3f50affa4f611cafad4c09d5371f2bd8ce43b
SSDEEP

6144:SEvbVZ3TkaUIMx5uTY+J1ndKW/uXlg8v8gEZsYsjhAvQODop6abluagy4:xnYaUf/U9k7vBEZuOvQODop6abluagy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08c5bc25197f41ad717c48d8cc07ad2b_JaffaCakes118

Files

08c5bc25197f41ad717c48d8cc07ad2b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3b078eb077e2a25759b894679eb1958e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyA

urlmon

CoInternetCreateSecurityManager
IsValidURL

wininet

InternetCrackUrlA
InternetReadFile
InternetTimeToSystemTime
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpAddRequestHeadersA
InternetTimeFromSystemTime
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHGetFileInfoA
ShellExecuteExA

kernel32

FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
lstrcmpiA
GetModuleHandleA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
GetDiskFreeSpaceA
GetProcAddress
GetCurrentThreadId
LockResource
MulDiv
GlobalUnlock
GlobalLock
GetTempPathA
CloseHandle
GetExitCodeProcess
CreateProcessA
SetLastError
GlobalFree
GlobalHandle
GetTempFileNameA
lstrcatA
WriteFile
SetEndOfFile
SetFilePointer
CompareFileTime
SystemTimeToFileTime
FindClose
FileTimeToSystemTime
GetFileTime
GetFileSize
CreateFileA
lstrcpyA
SetEvent
CreateThread
CreateEventA
GlobalMemoryStatus
GetShortPathNameA
LoadLibraryA
GetSystemDirectoryA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
IsBadCodePtr
IsBadReadPtr
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ReadFile
GetCPInfo
GetOEMCP
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
TlsAlloc
HeapSize
TerminateProcess
ExitProcess
IsBadWritePtr
FatalAppExitA
HeapCreate
HeapDestroy
GetCommandLineA
GetSystemTimeAsFileTime
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetCurrentDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetConsoleCtrlHandler
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
Sleep

gdi32

DPtoLP
SetWindowOrgEx
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
StretchBlt
SetBkMode
SetTextColor
RestoreDC
CreateSolidBrush
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
CreateFontIndirectA
GetStockObject

wsock32

gethostbyname
inet_addr
gethostbyaddr
ioctlsocket

comctl32

ord17

wintrust

WinVerifyTrust

shlwapi

PathIsURLA
PathFileExistsA

ole32

StringFromCLSID
OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromString
CLSIDFromProgID

oleaut32

SysStringByteLen
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
SysAllocString
VarUI4FromStr
SysFreeString

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 223KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 556KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 132B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b078eb077e2a25759b894679eb1958e

Headers

File Characteristics

Imports

advapi32

urlmon

wininet

version

shell32

kernel32

gdi32

wsock32

comctl32

wintrust

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 223KB - Virtual size: 524KB

.bss Size: - Virtual size: 556KB

.pdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 132B

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 250KB - Virtual size: 249KB

.reloc Size: 4KB - Virtual size: 256B

.text
Size: 223KB - Virtual size: 524KB

.bss
Size: - Virtual size: 556KB

.pdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 132B

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 250KB - Virtual size: 249KB

.reloc
Size: 4KB - Virtual size: 256B