28fc88ce04ddf693300a17130ef8bde8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28fc88ce04ddf693300a17130ef8bde8_JaffaCakes118
Size

344KB
MD5

28fc88ce04ddf693300a17130ef8bde8
SHA1

a205f2529c2c999e1264570a7a9b4682c287cf68
SHA256

80c914417c3f84b562b1b524250ef04a690a9ef9906e3e5b86821e256e3fd4f1
SHA512

aa026c78cf7a027a1763bf8c2586170a356bc6e8759ea4ed990f87e954fd6d2456e5536d8559a5254e8d13d039adb56033b9c2cf0d849aaa98787a1a71b3c5b1
SSDEEP

6144:ZxbV2J45UP1l4fQ6z73vlY3gT6BFOSVVfQ/BtLt8Ie1pbVXr:Zxbwam1lGXzOtBFXxEtZ8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28fc88ce04ddf693300a17130ef8bde8_JaffaCakes118

Files

28fc88ce04ddf693300a17130ef8bde8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

5c98bded395c325fff70c92f4f14b9ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
GetProcAddress
HeapDestroy
DeleteCriticalSection
GetShortPathNameA
InitializeCriticalSection
DisableThreadLibraryCalls
lstrcmpiA
GetModuleFileNameA
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetModuleHandleA
lstrcpyA
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetTickCount
FindResourceA
LoadResource
LockResource
FreeResource
LoadLibraryA
FreeLibrary
CreateFileA
GetFileSize
CloseHandle
MultiByteToWideChar
lstrlenA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapReAlloc
TerminateProcess
SetLastError
GetFileAttributesA
TlsGetValue
EnterCriticalSection
ReadFile
GetLastError
HeapAlloc
TlsFree
TlsAlloc
TlsSetValue
RaiseException
HeapFree
GetVersion
GetCommandLineA
RtlUnwind
InterlockedExchange
Sleep
SetStdHandle
SetFilePointer
FlushFileBuffers
ExitProcess
LeaveCriticalSection
lstrlenW
WideCharToMultiByte

user32

wsprintfA
CreateWindowExA
ReleaseDC
IsWindow
GetDC
FillRect
GetClientRect
ScreenToClient
GetWindowRect
GetSysColor
GetDlgItem
MoveWindow
SetWindowPos
SetWindowLongA
GetWindowLongA
SetWindowTextA
ReleaseCapture
SetCursor
LoadCursorA
SetCapture
GetDesktopWindow
DestroyWindow
IsIconic
SetWindowRgn
ShowWindow
LoadIconA
GetWindowTextA
DefWindowProcA
CallWindowProcA
GetWindowTextLengthA
RegisterClassExA
GetClassInfoExA
AppendMenuA
LoadStringA
RemoveMenu
GetSystemMenu
DialogBoxParamA
InvalidateRect
GetParent
OffsetRect
CopyRect
DrawTextA
GetDlgCtrlID
GetDlgItemTextA
EnumChildWindows
IntersectRect
CharNextA
GetClassNameA
EnableWindow
MessageBeep
BeginPaint
EndPaint
SendMessageA
UpdateWindow
GetWindow
SystemParametersInfoA
MapWindowPoints
CreateDialogIndirectParamA
ClientToScreen
SetFocus
SetDlgItemTextA

gdi32

RestoreDC
SetBkColor
DeleteDC
GetStockObject
Rectangle
DeleteMetaFile
DeleteObject
SetMetaFileBitsEx
CreateDIBitmap
RealizePalette
SelectPalette
SelectClipRgn
CreateRectRgn
CreatePatternBrush
SetPixel
PatBlt
StretchBlt
PlayMetaFile
CreateBitmap
CreateSolidBrush
GetObjectA
CreateCompatibleBitmap
BitBlt
SelectObject
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
UnrealizeObject
CreateCompatibleDC
SaveDC
GetDeviceCaps
CreatePalette
EnumFontFamiliesExA
GetTextExtentPoint32A
TextOutA
GetSystemPaletteEntries
CreateFontIndirectA
SetBkMode
SetTextColor

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocString
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SysFreeString
SysAllocStringLen

winmm

sndPlaySoundA
mciSendCommandA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c98bded395c325fff70c92f4f14b9ea

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

winmm

version

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 180KB - Virtual size: 183KB

.rsrc Size: 40KB - Virtual size: 38KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 180KB - Virtual size: 183KB

.rsrc
Size: 40KB - Virtual size: 38KB

.reloc
Size: 12KB - Virtual size: 9KB