169952e5ae774aa8293a95decea795fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

169952e5ae774aa8293a95decea795fd_JaffaCakes118
Size

148KB
MD5

169952e5ae774aa8293a95decea795fd
SHA1

a23c33e368c8ef9aad197eb4ac44fddf692a61c3
SHA256

29eefbc4f3e905ed4c29f80f5314ddc0c239de3e374631f93db46c28f570249e
SHA512

50b2b19fb05a115ee2b3927b4a6b96709027edeba7c9ef6b6cdb3f8419c2af5611b773b426dcbdf544ec1122f20dfb1e43e55327ebbc6a5964548e349aa5f9be
SSDEEP

3072:Q9/FgE4b43PhFAEHt3u1MH4a5hMBU2bZOTlplqZJXeF:StPj9HH4a5hMLkmra

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
169952e5ae774aa8293a95decea795fd_JaffaCakes118

Files

169952e5ae774aa8293a95decea795fd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

bb1aeaef81e9ef1ec55efef4924e0827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsDBCSLeadByte
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
CreateThread
WaitForSingleObject
CloseHandle
GetCurrentThreadId
Sleep
CopyFileA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
GetLocalTime
CreateDirectoryA
ReadFile
OpenFile
WriteFile
GetFileAttributesA
GetVersionExA
CreateFileA
WinExec
GetWindowsDirectoryA
InterlockedExchange
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
SetFilePointer
lstrcpynA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
GetCurrentProcess
TerminateProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
RaiseException
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
LCMapStringW
LCMapStringA
ExitProcess
GetOEMCP
GetACP
GetCPInfo
GetVersion
GetCommandLineA
SetEnvironmentVariableA
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
lstrlenW
InitializeCriticalSection
GetModuleFileNameA
DisableThreadLibraryCalls

user32

wsprintfA
IsWindow
EnumThreadWindows
GetClassNameA
GetWindowTextA
FindWindowExA
AttachThreadInput
PostMessageA
UnhookWindowsHookEx
CharNextA
GetWindowThreadProcessId
GetForegroundWindow

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegCreateKeyA
RegQueryValueExA
RegEnumValueA
RegDeleteKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantChangeType
VariantClear
VariantCopy
SysStringLen
SysAllocStringLen

ws2_32

closesocket
inet_ntoa
ioctlsocket
inet_addr
htons
connect
WSAStartup
select
__WSAFDIsSet
WSACleanup
gethostbyname

wininet

InternetOpenUrlA
InternetReadFile
InternetSetCookieExA
InternetCloseHandle
InternetOpenA
InternetQueryDataAvailable

netapi32

NetWkstaTransportEnum
NetApiBufferFree

shlwapi

StrStrIA

iphlpapi

GetAdaptersInfo

rpcrt4

UuidCreateSequential

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb1aeaef81e9ef1ec55efef4924e0827

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

wininet

netapi32

shlwapi

iphlpapi

rpcrt4

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 20KB - Virtual size: 27KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 20KB - Virtual size: 27KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 8KB