23786934c5375d8210c0ca5f7085cf0b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23786934c5375d8210c0ca5f7085cf0b_JaffaCakes118
Size

204KB
MD5

23786934c5375d8210c0ca5f7085cf0b
SHA1

25dfce5d654f660b405a3d98e8ebb70f009e9228
SHA256

e09344ad93bacdd570a58815a729e4c8fbc9f6bb85ab544b24762a70b1d63a49
SHA512

2ba5a57d53e01ac20110c92cc729217afb618a8bbc8419606473fcd1bb9d6c897387cf94799d1c9447c0495d461c33dbce0915f4dee9ad35095ca54901ac3758
SSDEEP

3072:qOxUbbermqyfChbI6iuVi5di6LQ9cyHmm91GbArzlA3c3urP8zaY:nsLqyE2di6xbAreMx7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23786934c5375d8210c0ca5f7085cf0b_JaffaCakes118

Files

23786934c5375d8210c0ca5f7085cf0b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

68fc1861293f6cd19695bdc2a046e010

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
MoveFileA
DeleteFileA
TerminateThread
CloseHandle
GetLocalTime
SetFileAttributesA
CopyFileA
WriteFile
CreateFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
DebugBreak
GetFileAttributesA
CreateDirectoryA
FindClose
FindFirstFileA
WaitForSingleObject
GetSystemDirectoryA
FreeLibrary
GetUserDefaultLangID
GetPrivateProfileIntA
Process32Next
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
IsDBCSLeadByte
SystemTimeToFileTime
FileTimeToSystemTime
lstrlenW
GetShortPathNameA
GetModuleFileNameA
SizeofResource
LoadLibraryExA
lstrcmpiA
lstrcpynA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcpyA
lstrcatA
GetTempPathA
GetCurrentProcessId
LocalFree
GetPrivateProfileSectionNamesA
GetCurrentProcess
FlushInstructionCache
WideCharToMultiByte
FindResourceA
CompareStringW
CompareStringA
SetEndOfFile
SetFilePointer
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
ReadFile
SetUnhandledExceptionFilter
HeapSize
GetOEMCP
GetACP
GetCPInfo
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
GetCommandLineA
LoadResource
HeapReAlloc
GetSystemTime
GetTimeZoneInformation
GetDriveTypeA
FileTimeToLocalFileTime
ExitThread
TlsSetValue
LockResource
LoadLibraryA
MultiByteToWideChar
GetModuleFileNameW
LoadLibraryW
OutputDebugStringA
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLastError
SetLastError
InterlockedIncrement
GlobalLock
GlobalUnlock
CreateThread
HeapAlloc
HeapFree
RaiseException
RtlUnwind
InterlockedDecrement
SetEnvironmentVariableA
lstrlenA

user32

SetWindowTextA
SetFocus
GetParent
GetKeyState
PostMessageA
GetWindowTextA
LoadStringA
SetWindowPos
DispatchMessageA
TranslateMessage
IsWindow
DestroyWindow
DefWindowProcA
SendMessageA
GetClipboardData
SystemParametersInfoA
CheckDlgButton
GetDlgItem
CreateDialogParamA
GetWindow
MessageBoxA
SetForegroundWindow
GetClassNameA
CharLowerA
SetTimer
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
wvsprintfA
CharUpperA
IsClipboardFormatAvailable
OpenClipboard
ShowWindow
CloseClipboard
CharNextA
CreateWindowExA
GetClassInfoExA
RegisterClassExA
LoadCursorA
wsprintfA
ReleaseDC
MapWindowPoints
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
GetWindowRect
ScreenToClient
FindWindowExA
GetFocus
KillTimer
LoadBitmapA
GetDC
MoveWindow
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetClientRect

gdi32

SelectObject
DeleteObject
DeleteDC
GetStockObject

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA
ShellExecuteExA

ole32

CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
ReleaseStgMedium

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
SysAllocString
VariantChangeType
VariantCopy
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen

imm32

ImmGetOpenStatus
ImmSetCompositionStringA
ImmGetContext
ImmSetConversionStatus
ImmSetOpenStatus
ImmReleaseContext

wininet

InternetSetCookieA
InternetOpenA
InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntry

shlwapi

SHAutoComplete

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68fc1861293f6cd19695bdc2a046e010

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

imm32

wininet

shlwapi

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 16KB - Virtual size: 23KB

.SHARED Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 16KB - Virtual size: 23KB

.SHARED
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 16KB - Virtual size: 13KB