0f54f53e325262eb59c33766bc8d9664_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f54f53e325262eb59c33766bc8d9664_JaffaCakes118
Size

812KB
MD5

0f54f53e325262eb59c33766bc8d9664
SHA1

fd66610139f07a152cb88e05bd32f774dfa78592
SHA256

0906f6f5dff7fd2011ea39b68ac9d528f789d94d9ec036a5cfd373d906df1748
SHA512

ff89fdc1cc49a4b0d38d1ebb28002c61a6f32199af8e89ffcb544022d33ecb129b8633965a3376d798a9283d7c19c40508ec66246b3bbc2900ca41b7b52762e7
SSDEEP

24576:atcmGrsYwFN/y3I0DAUNUSU/V3zmKncqV:aS88Kpzvce

Score

1^/10

Malware Config

Signatures

Files

0f54f53e325262eb59c33766bc8d9664_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f9e94fcd73c22a705d739eb875afa724

Code Sign

c3:b4:44:29:73:48:4e:ac:94:7e:ff:31:0b:87:75:fe:84:b0:62:a5
Signer

Actual PE Digest

c3:b4:44:29:73:48:4e:ac:94:7e:ff:31:0b:87:75:fe:84:b0:62:a5

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
LoadLibraryA
lstrcatA
GetModuleFileNameA
GetCurrentThreadId
FreeLibrary
LocalFree
CreateFileA
CloseHandle
GetFileSize
GetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
HeapFree
lstrcmpiA
DisableThreadLibraryCalls
InterlockedIncrement
LoadLibraryA
lstrcpynA
ReadFile
SizeofResource
GlobalAlloc
Sleep
VirtualProtect
GetModuleHandleA
lstrlenA
FlushFileBuffers
WinExec
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetProcAddress
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
GetCurrentProcess
GetModuleHandleExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TerminateProcess
IsBadWritePtr
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualFree
HeapCreate
HeapDestroy
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
ExitProcess
GetOEMCP
GetCPInfo
TlsAlloc
WriteFile
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
SetUnhandledExceptionFilter

user32

OpenClipboard
SendMessageA
SendMessageA
CloseClipboard
SetDlgItemTextA
GetDlgItem
MessageBoxA
CharNextA
EnableWindow
LoadIconA
DestroyIcon
UnregisterClassA
LoadStringA
SetClipboardData

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA

shell32

ExtractIconExA
DragQueryFileA

ntdll

RtlUnwind
RtlUnwind
RtlMoveMemory
RtlZeroMemory
RtlUnwind
RtlUnwind

oleaut32

UnRegisterTypeLi
LoadTypeLi
SysFreeString
VarUI4FromStr
RegisterTypeLi
SysAllocString

comctl32

ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_Create
CreatePropertySheetPageA

shlwapi

PathRemoveFileSpecA
PathIsDirectoryA

Exports

Exports

CPlApplet
DllGetClassObject
DllRegisterServer
_init

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9e94fcd73c22a705d739eb875afa724

Code Sign

c3:b4:44:29:73:48:4e:ac:94:7e:ff:31:0b:87:75:fe:84:b0:62:a5Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ntdll

oleaut32

comctl32

shlwapi

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 3KB - Virtual size: 9KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 6KB - Virtual size: 6KB

c3:b4:44:29:73:48:4e:ac:94:7e:ff:31:0b:87:75:fe:84:b0:62:a5
Signer

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 6KB - Virtual size: 6KB