1c0c741c730f9bb419b7d102280a789a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c0c741c730f9bb419b7d102280a789a_JaffaCakes118
Size

161KB
MD5

1c0c741c730f9bb419b7d102280a789a
SHA1

af5a01a112d5a34fd2d8df41482a32dd03fc129f
SHA256

025d3588b1a1492514b9026253d5869878bf7c3e8e9c572fb3d36efddb89c12f
SHA512

57f35a70da8e8f9a43b73bbb669365609624e3052fccab05f57c5812857981381fa4b169b53836210fe93fc600424ac4097cfc2eda1f727fd3bad83f1532a732
SSDEEP

3072:cbIXZbklF3GkT8PVAM5y5rJnFhmTeA7uWpDvEoBdg:IIFkX5kAM5OrJnF4yOuWpXdg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c0c741c730f9bb419b7d102280a789a_JaffaCakes118

Files

1c0c741c730f9bb419b7d102280a789a_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

227cad944dfd930021367b0c558073d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

nlhtml.pdb

Imports

msvcrt

_onexit
__dllonexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_adjust_fdiv
_initterm
realloc
wcsrchr
_wtoi
wcstombs
_wcsupr
wcsncpy
malloc
wcscat
iswspace
iswalpha
_strnicmp
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
wcscpy
iswdigit
_wtol
_wcsicmp
wcschr
mbstowcs
wcstoul
towupper
_wcslwr
bsearch
wcscmp
__CxxFrameHandler
wcslen
wcsncmp
_wcsnicmp
_purecall
free
_CxxThrowException

user32

LoadStringW
SetLastErrorEx

oleaut32

VarR8FromStr
SysFreeString
SysAllocString
SysAllocStringLen

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrlenA
GetStringTypeW
GetSystemTime
SystemTimeToFileTime
lstrlenW
FlushViewOfFile
MapViewOfFile
SetFilePointer
SetEndOfFile
CreateFileW
CreateFileA
GetFileSize
CreateFileMappingW
CreateFileMappingA
CloseHandle
UnmapViewOfFile
GetModuleHandleW
GetVersionExW
DisableThreadLibraryCalls
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExA
MultiByteToWideChar
GetLastError
GetCPInfo
LocalAlloc
LocalFree
WideCharToMultiByte
GetLocaleInfoA
GetLocaleInfoW
SetLastError
IsValidCodePage
IsDBCSLeadByteEx
IsValidLocale
InterlockedDecrement
InterlockedIncrement
GetSystemDefaultLCID

advapi32

RegQueryValueExA
RegOpenKeyW
RegOpenKeyA
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

227cad944dfd930021367b0c558073d7

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

oleaut32

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 91KB - Virtual size: 91KB

.data Size: 60KB - Virtual size: 65KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 91KB - Virtual size: 91KB

.data
Size: 60KB - Virtual size: 65KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB