2810cad14dc8dcc93882b7cb8377facf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2810cad14dc8dcc93882b7cb8377facf_JaffaCakes118
Size

124KB
MD5

2810cad14dc8dcc93882b7cb8377facf
SHA1

af32cfe476a701ee32f2d61a7743cf44cc29bc38
SHA256

994e70905bb504d4ab9126c98fbe4551ba81b6fed28ab132eb812b51ab98fdcd
SHA512

eabf091bb1ac0a9fff435636abfda64ab7bee50c33652bbe67008ff054af9fd527a5646d0459f40caf7495e77c2d9a3a6ffac645c2cfaca90acebffff943f074
SSDEEP

3072:hr3U7U3K+RD5XzHGMMuuHJ4/IwoSKulKlL:hrEA6+R977ui/ESKulmL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2810cad14dc8dcc93882b7cb8377facf_JaffaCakes118

Files

2810cad14dc8dcc93882b7cb8377facf_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d5bf67eb90d5f1e6fcbed5efc26a2aea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

rpcrt4

UuidToStringA

oleaut32

GetErrorInfo
VariantClear
SysAllocString
SysFreeString

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

user32

SystemParametersInfoA
SetWindowPos
KillTimer
SetTimer
wsprintfA
EnumWindows
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
GetWindowThreadProcessId
RegisterClassExA
GetClassNameA
DefWindowProcA
EnumChildWindows

winmm

timeGetTime

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetSetOptionA

netapi32

Netbios

msvcrt

isxdigit
ispunct
wctomb
malloc
__mb_cur_max
??3@YAXPAX@Z
isgraph
strerror
printf
__CxxFrameHandler
_CxxThrowException
strchr
??0exception@@QAE@XZ
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
wcslen
wcscmp
isupper
free
srand
fclose
fwrite
fopen
tmpnam
atoi
toupper
strtok
strstr
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
tolower
isalnum
isalpha
strncpy
islower
isspace
??0exception@@QAE@ABV0@@Z
??2@YAPAXI@Z
_stricmp

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid

kernel32

GetCurrentProcessId
CreateFileA
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
DisableThreadLibraryCalls
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
GetLocalTime
SleepEx
lstrcmpA
lstrcmpiA
lstrcpynA
InterlockedExchange
GetEnvironmentVariableA
GetVersion
HeapAlloc
HeapSize
FormatMessageA
LocalFree
GetFullPathNameA
SetLastError
GetWindowsDirectoryA
Sleep
lstrlenA
lstrcpyA
GetProcessHeap
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcess
GetProcessTimes
GetSystemDirectoryA
GetSystemInfo
GetCurrentThread
QueryPerformanceFrequency
GetTickCount
GetVersionExA
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
GetThreadTimes
QueryPerformanceCounter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5bf67eb90d5f1e6fcbed5efc26a2aea

Headers

File Characteristics

Imports

advapi32

version

shlwapi

rpcrt4

oleaut32

psapi

user32

winmm

wininet

netapi32

msvcrt

ole32

kernel32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 6KB