2866fbd120d93589c0e2e45d7c443b7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2866fbd120d93589c0e2e45d7c443b7f_JaffaCakes118
Size

108KB
MD5

2866fbd120d93589c0e2e45d7c443b7f
SHA1

503eac11cb72c1df6712b17789229e6712597a6c
SHA256

d9429b6227601007cf2eb05c8053d68eee990828f454de3dec9c48693f324a24
SHA512

6212154014e54fc51c57d262fc3bace89de9f6be21a978ea11493450fe735b6fb6bdd754810f8dae43b60850dac0d9b4ef00c1ce5df300d0847055ff15a8b0a7
SSDEEP

3072:ltT3t4HaAd5BnbXaSajSMpgDp97gTPhdRQWaQ:ltd4HaApnbNMeN+Ph

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2866fbd120d93589c0e2e45d7c443b7f_JaffaCakes118

Files

2866fbd120d93589c0e2e45d7c443b7f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

200e4814a17c74a4f5615e3b12fe8b6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CancelIo
LocalLock
SetConsoleScreenBufferSize
GlobalDeleteAtom
GetQueuedCompletionStatus
FreeResource
GetDriveTypeW
CreateIoCompletionPort
AddAtomA
MoveFileExW
CreateMailslotW
lstrcatA
LockFile
RegisterWaitForSingleObject
TransactNamedPipe
GetStdHandle
WaitNamedPipeW
SetConsoleMode
EnumResourceNamesW
CreateJobObjectW
ConnectNamedPipe
GetStringTypeExW
EnumSystemLocalesA
WriteProfileStringA
GetTempPathA
VerifyVersionInfoW
GetBinaryTypeW
ReadProcessMemory
SetFilePointer
CreateDirectoryW
MapViewOfFileEx
HeapReAlloc
Beep
FindFirstVolumeW
GetTempFileNameW
EnumResourceLanguagesA
GetDateFormatA
FreeEnvironmentStringsW
WaitForMultipleObjects
PulseEvent
FindClose
GetStringTypeA
CreateProcessW
DosDateTimeToFileTime
CreateWaitableTimerA
SleepEx
GetCurrentProcess
FreeConsole
IsBadStringPtrA
GetSystemDirectoryW
GetFileAttributesExA
lstrcmpiW
SwitchToThread
VirtualAlloc
SetSystemTime
GetCurrentDirectoryW
TerminateJobObject
GetStartupInfoW
GetLargestConsoleWindowSize
SetHandleCount
GetConsoleScreenBufferInfo
FindAtomA
SetConsoleActiveScreenBuffer
FindNextVolumeW
HeapUnlock
IsBadStringPtrW
GetStringTypeExA
GetConsoleMode
GetSystemTimeAdjustment
EnumUILanguagesW
GetCompressedFileSizeW
InterlockedCompareExchange
RemoveDirectoryA
ChangeTimerQueueTimer
EnumResourceNamesA
FindFirstChangeNotificationW
LCMapStringW
SetVolumeLabelA
PurgeComm
GetProcessAffinityMask
HeapLock
SetErrorMode
LocalUnlock
WriteConsoleW
SetVolumeLabelW
GetProfileStringA
GlobalGetAtomNameW
WriteProcessMemory
FreeLibraryAndExitThread
GetLocaleInfoA
CreateDirectoryA
InitializeCriticalSection
CreateFileA
ReadFile
EnterCriticalSection
GlobalAlloc
GetModuleHandleA
Sleep
LeaveCriticalSection
LoadLibraryA
GetLastError
WriteFile
ExpandEnvironmentStringsA
InterlockedDecrement
CreateMutexA
GetProcAddress
HeapValidate
CopyFileA

ole32

CoFreeUnusedLibraries
CreateGenericComposite
CoFreeUnusedLibrariesEx
CoDisconnectObject
CreateFileMoniker
OleCreateFromFile
OleUninitialize
CreateItemMoniker
OleQueryCreateFromData
GetHGlobalFromStream
CoDisableCallCancellation
CoGetCallContext
OleRun
PropVariantClear
RevokeDragDrop
OleCreateMenuDescriptor
OleLockRunning
CoLockObjectExternal
CoFileTimeNow
OleGetAutoConvert
OleRegGetMiscStatus
CoTaskMemFree
CoUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance

user32

GetMenuItemCount
SetProcessDefaultLayout
SetWindowTextA
TrackPopupMenu
SetPropA
CharUpperBuffA
EndTask
GetDesktopWindow
GetTabbedTextExtentA
CopyImage
OpenDesktopA
SetCapture
EndPaint
SetWindowPlacement
SetPropW
SetDlgItemTextW
CloseDesktop
GetClassInfoW
TabbedTextOutW
EnumDesktopsW
GetParent
GetMenu
OpenDesktopW
WindowFromDC
FreeDDElParam
AppendMenuA
WinHelpA
WinHelpW
MsgWaitForMultipleObjectsEx
MapDialogRect
IsRectEmpty
ModifyMenuW
GetDC
SetClassLongW
RemovePropA
UnregisterClassW
EnableMenuItem
ChildWindowFromPointEx
SetSysColors
CopyAcceleratorTableW
wvsprintfA
GetFocus
PostMessageA
GetScrollPos
DefFrameProcA
OpenIcon
GetCursor
ScrollDC
MessageBoxExA
InSendMessage
DrawTextA
DrawIconEx
CharUpperW
ChangeDisplaySettingsExW
DefFrameProcW
GetActiveWindow
UnregisterHotKey
CharToOemA
GetAsyncKeyState
SetProcessWindowStation
LoadAcceleratorsW
SetScrollInfo
SetFocus
DefMDIChildProcA
EnumWindowStationsW
SetActiveWindow
GetKeyNameTextA
RegisterHotKey
GetCaretPos
IsWindowVisible
ShowWindowAsync
GetDlgItemTextW
DestroyAcceleratorTable
GetWindowThreadProcessId
GetWindowLongA
DefWindowProcA
CreateWindowExA
SetWindowLongA
SendMessageA
FindWindowA
GetWindowTextLengthW
GetMessageA
DispatchMessageA
UnhookWindowsHookEx

shlwapi

SHGetValueW
PathSetDlgItemPathW
StrToIntW
StrNCatW
PathUndecorateW
UrlEscapeW
PathIsURLW
StrRChrW
PathCompactPathW
PathRemoveBackslashW
PathIsUNCServerShareW
PathFindFileNameW
StrDupA
StrCpyNW
wvnsprintfW
PathMatchSpecW
StrTrimW
PathFindFileNameA
PathQuoteSpacesW
StrDupW
PathAddExtensionW
PathCanonicalizeW
SHDeleteValueW
UrlIsW
PathFindNextComponentW
StrCmpIW
UrlUnescapeW
StrStrIA
StrCmpNIW
PathGetCharTypeA

gdi32

SetMapperFlags
GetTextExtentPoint32A
SetPixel
EnumMetaFile
SetLayout
BitBlt
ResetDCA
ExtEscape
GetCharWidthA
GetRandomRgn
GetTextCharset
CreatePen
CreatePolygonRgn
EnumFontFamiliesExW
GetObjectA
ExtTextOutW
SelectPalette
SelectObject
SetWindowOrgEx
SetBrushOrgEx
GetEnhMetaFileHeader
PolyBezierTo
PtInRegion
DescribePixelFormat
ModifyWorldTransform
TextOutW
SetGraphicsMode
StartDocW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

200e4814a17c74a4f5615e3b12fe8b6a

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB