192fa196f9b8be80f47a85c69132f1dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

192fa196f9b8be80f47a85c69132f1dd_JaffaCakes118
Size

154KB
MD5

192fa196f9b8be80f47a85c69132f1dd
SHA1

23c5c6b37f26d42606229713b0bd73197890b885
SHA256

7a99f9c699425ffe607fb114d9aedf5abd263aac08dd6304ed6ed23c21ddad4d
SHA512

fd60cd5dcf73b0cb9995a1ba54f34a231d5bfe716ba3bb55b55f32abcffc61f7275ef77b27e151156f48010a843461367f14fe03578e7ec9c5c582e79b1258b5
SSDEEP

3072:M92QagCe2CuwUytvt32J2Osyy69wIgXqx8+UnTY5W:3Gx2Jyqop+QT7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
192fa196f9b8be80f47a85c69132f1dd_JaffaCakes118

Files

192fa196f9b8be80f47a85c69132f1dd_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

1f960e47b3c23c963de4f9e56e439504

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrCmpNIA
StrCmpNA
wnsprintfA
StrToIntA
StrNCatA
StrStrA
StrStrIA

wininet

InternetConnectA
InternetCrackUrlA
InternetCloseHandle
HttpQueryInfoA
HttpSendRequestA
InternetGetConnectedState
HttpOpenRequestA
InternetReadFile
InternetOpenA

rpcrt4

UuidToStringA
UuidCreate

kernel32

GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
RaiseException
GetModuleFileNameA
DeleteCriticalSection
TlsAlloc
lstrlenA
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
lstrcpynA
HeapAlloc
lstrcpyA
FindResourceA
lstrcmpA
TlsGetValue
FreeLibrary
LoadResource
HeapFree
WaitForSingleObject
GetTickCount
GetCurrentThread
GetProcessHeap
TlsSetValue
WideCharToMultiByte
TerminateThread
Sleep
SizeofResource
MultiByteToWideChar
lstrlenW
GetLastError
lstrcmpiA
GetProcAddress
LoadLibraryA
GetModuleHandleA
LoadLibraryExA
CreateMutexA
GetCurrentThreadId
ReleaseMutex
CloseHandle
CreateThread
lstrcatA
CreateFileA
GetFileSize
WriteFile
ReadFile
GetComputerNameA
GetVolumeInformationA
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
IsDBCSLeadByte
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
VirtualFree
HeapDestroy
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
HeapSize
SetLastError
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
TlsFree

user32

GetWindowLongA
PostMessageA
KillTimer
CharNextA
SetTimer

advapi32

RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegDeleteKeyA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

LoadRegTypeLi
VarUI4FromStr
LoadTypeLi
SysStringLen
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 1024B - Virtual size: 917B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f960e47b3c23c963de4f9e56e439504

Headers

File Characteristics

Imports

shlwapi

wininet

rpcrt4

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 13KB - Virtual size: 22KB

.cdata Size: 1024B - Virtual size: 917B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 13KB - Virtual size: 22KB

.cdata
Size: 1024B - Virtual size: 917B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 11KB - Virtual size: 10KB