1b50a9de5d9953bf643568de2e229f4e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1b50a9de5d9953bf643568de2e229f4e_JaffaCakes118
Size

132KB
MD5

1b50a9de5d9953bf643568de2e229f4e
SHA1

6cf2efc5e6564f86f4fc01d6b573eb6ea02966fe
SHA256

3c01b1e43668ae7e43030c6a2e636002b537884f31734666ee5818ef07ef316f
SHA512

d77fa36bca14d019b5c56b74fe45113eeb6f94e3c9655991f2075398048d5b7d740aa53ccb5aa416326ca319124493e6749277709304a1c7f4cd33b0eb429be3
SSDEEP

3072:jioFAlpjiaHOjC2zUfkIm8RI5Ck4l82C07:jioFop+l7UPm8eQk4C07

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b50a9de5d9953bf643568de2e229f4e_JaffaCakes118

Files

1b50a9de5d9953bf643568de2e229f4e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

a19d022c4b559df74b060ec34ac74024

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GetUserDefaultLCID
lstrcmpW
TerminateProcess
GlobalUnlock
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalAlloc
GlobalHandle
GlobalFree
FreeResource
GetCurrentProcess
FlushInstructionCache
HeapAlloc
GetCurrentThreadId
RaiseException
GetModuleHandleW
LoadLibraryExW
SizeofResource
lstrlenA
FindResourceW
LoadResource
LockResource
DisableThreadLibraryCalls
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameW
MulDiv
lstrcpynW
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
GetLastError
HeapFree
lstrcpyW
lstrlenW
MultiByteToWideChar
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetModuleHandleA
GetVersionExW
Sleep

msvcrt

??3@YAXPAX@Z
free
realloc
??2@YAPAXI@Z
wcslen
wcsncpy
_purecall
memmove
_initterm
_adjust_fdiv
_except_handler3
malloc

user32

CreateAcceleratorTableW
wsprintfW
CreateWindowExW
CopyRect
GetWindowRect
ClientToScreen
ScreenToClient
GetUpdateRect
GetClassNameW
OffsetRect
EqualRect
IntersectRect
IsRectEmpty
IsWindowVisible
GetWindowDC
SetRect
RedrawWindow
SetWindowRgn
SetWindowPos
PtInRect
EnumChildWindows
BeginPaint
GetWindowTextW
SetWindowTextW
GetWindow
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
CharNextW
ReleaseDC
GetDialogBaseUnits
GetDC
DestroyWindow
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
DrawTextW
GetDesktopWindow
GetSysColor
IsChild
GetFocus
ShowWindow
SendMessageW
GetDlgItem
CreateDialogIndirectParamW
GetClientRect
FillRect
EndPaint
UnionRect
InvalidateRgn
SetCapture
ReleaseCapture
GetParent
SetFocus
InvalidateRect
DestroyAcceleratorTable
GetWindowTextLengthW
IsWindow

olepro32

ord254
ord250

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateOleAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
StringFromCLSID
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CreateDataAdviseHolder

oleaut32

SysStringByteLen
VariantChangeType
SysAllocStringLen
VariantClear
VarUI4FromStr
SysStringLen
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
LoadRegTypeLi
SysAllocStringByteLen

gdi32

SelectObject
CreateFontIndirectW
GetDeviceCaps
SetBkMode
SetTextColor
Rectangle
GetStockObject
RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
GetTextMetricsW
CreateDCW
SetBkColor
GetObjectW
CreateSolidBrush
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileW
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextExtentPoint32W
LPtoDP
DeleteObject
GetTextExtentPointW

comctl32

InitCommonControlsEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a19d022c4b559df74b060ec34ac74024

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

olepro32

advapi32

ole32

oleaut32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 57KB - Virtual size: 56KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 57KB - Virtual size: 56KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 3KB