292bfe33552e68ffd9ca06eafa6b908d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

292bfe33552e68ffd9ca06eafa6b908d_JaffaCakes118
Size

112KB
MD5

292bfe33552e68ffd9ca06eafa6b908d
SHA1

6302c36bb22d2fff09e9c0e5faa51b6df9530e66
SHA256

b78a6ca815253d3299741e962f13278578a1654f6ae1e93b45a30cec855077d8
SHA512

31d5c485d71af922bf7dc6ff61618cc6f1b6142135bb84c14c64a16b017f6fb3154cfa7ae329b60c7c67ecce133bf44a0380a06a7d3460b74860581100b1d3d9
SSDEEP

3072:yLJfhH/kaLvo6UpjAHKnpDMEYrmoQZychpUfPjyI:yhh80pKnRMEWcG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
292bfe33552e68ffd9ca06eafa6b908d_JaffaCakes118

Files

292bfe33552e68ffd9ca06eafa6b908d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

716a76b090682710038f3467b003b145

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushViewOfFile
GetConsoleCP
GetCommandLineW
SetConsoleTextAttribute
GetTempFileNameW
FindCloseChangeNotification
FindResourceExW
CreateMutexW
SetVolumeLabelA
GlobalGetAtomNameW
UnregisterWait
RtlUnwind
HeapValidate
GlobalFree
GetVolumeNameForVolumeMountPointW
ReadConsoleW
GetDiskFreeSpaceA
VirtualAlloc
GetTempPathW
FindClose
FindFirstVolumeMountPointW
LCMapStringA
LocalLock
GetSystemDefaultUILanguage
IsValidLanguageGroup
GlobalMemoryStatusEx
VirtualAllocEx
GetSystemDirectoryA
GetUserDefaultUILanguage
OpenEventA
ReadProcessMemory
SystemTimeToFileTime
GetFileAttributesW
SetConsoleCtrlHandler
GetFileTime
CreateTimerQueue
CancelWaitableTimer
GetVolumeInformationW
lstrcmpA
lstrcmpiW
OpenSemaphoreA
ExitThread
WriteConsoleA
RemoveDirectoryA
FindFirstVolumeW
GetProfileStringA
CreateNamedPipeA
GetNumberFormatW
WriteFileEx
PeekConsoleInputW
DisconnectNamedPipe
CreateMailslotA
EnumSystemLocalesA
GetBinaryTypeW
GetFileAttributesA
GetTapeParameters
Beep
GetFileSizeEx
FindVolumeClose
GetVersion
SetFilePointer
GetVersionExA
GetAtomNameW
AllocConsole
HeapAlloc
SetErrorMode
SetFileTime
OpenProcess
TerminateJobObject
GetStringTypeExW
GetShortPathNameA
ReadConsoleA
AddAtomA
LockFileEx
GetFullPathNameW
TerminateProcess
CompareFileTime
FindResourceA
GetVolumePathNamesForVolumeNameW
HeapWalk
ReadConsoleInputA
MoveFileExA
GetTimeZoneInformation
GetVolumeInformationA
ReadDirectoryChangesW
GetLogicalDrives
SetNamedPipeHandleState
GetCurrentDirectoryA
VerifyVersionInfoA
FindFirstFileExW
GetComputerNameA
CreateFileA
CreateMutexA
GetProcAddress
CreateDirectoryA
Sleep
GetProcessHeap
CopyFileA
EnterCriticalSection
GetModuleFileNameA
ReadFile
InitializeCriticalSection
LeaveCriticalSection
VirtualProtect
WriteFile
ExpandEnvironmentStringsA
CloseHandle
GetLastError
HeapFree
InterlockedIncrement
LoadLibraryA
GetModuleHandleA
GetCurrentProcessId
FindNextFileW

user32

DefDlgProcA
MessageBoxExW
InsertMenuItemA
InsertMenuItemW
TabbedTextOutW
CopyAcceleratorTableA
GetClassLongA
FrameRect
SetTimer
GetNextDlgTabItem
CloseDesktop
FindWindowW
SetMenuItemInfoA
MapWindowPoints
LoadImageA
wvsprintfW
TranslateAcceleratorA
RegisterWindowMessageW
IntersectRect
WaitMessage
NotifyWinEvent
OpenIcon
MessageBoxIndirectW
DrawStateA
GetShellWindow
GetPropW
SetDlgItemTextW
SetWindowTextW
WaitForInputIdle
SetProcessWindowStation
GetTabbedTextExtentA
SetMessageQueue
MsgWaitForMultipleObjects
EnumWindows
SendNotifyMessageW
SwitchToThisWindow
RegisterHotKey
ReleaseCapture
CheckMenuItem
GetUpdateRect
InvalidateRect
ToAscii
GetAncestor
SetScrollRange
PostThreadMessageA
CopyAcceleratorTableW
InternalGetWindowText
OpenInputDesktop
DrawTextExA
GetMenuStringA
BringWindowToTop
GetWindowTextLengthW
GetComboBoxInfo
PostMessageW
CheckMenuRadioItem
PtInRect
GetMenuItemID
ReleaseDC
CallMsgFilterW
CheckRadioButton
EnumDisplaySettingsA
RemoveMenu
GetPropA
ScrollDC
MonitorFromWindow
SetActiveWindow
SendDlgItemMessageW
IsDialogMessageW
CharToOemBuffA
ChildWindowFromPointEx
DispatchMessageA
GetMessageA
FindWindowA
SetWindowsHookExA
GetClientRect
CreateWindowExA
GetClassNameA
GetWindowThreadProcessId
SetWindowLongA
RegisterClassExA
GetWindowLongA
DefWindowProcA
CallNextHookEx
SendMessageA
SendInput

advapi32

ConvertSidToStringSidA
RegCreateKeyExA
LookupAccountNameA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegCloseKey
ReadEventLogW
EnumServicesStatusExW
SetEntriesInAclW
StartServiceA
RegEnumValueW
RegisterEventSourceW
CloseServiceHandle
CreateServiceW
DuplicateTokenEx
ReportEventA
GetUserNameW
OpenThreadToken
RegLoadKeyW
ChangeServiceConfig2W
EnumDependentServicesW
RegisterEventSourceA
ImpersonateLoggedOnUser
MapGenericMask
StartServiceW

shell32

ShellExecuteW
SHGetInstanceExplorer
ShellAboutA
SHAppBarMessage
CommandLineToArgvW
SHGetFolderPathA
ShellExecuteA

gdi32

GetTextColor
GetDIBits
ModifyWorldTransform
SetRectRgn
AbortPath
CreateDCA
TextOutW
GetViewportExtEx
GetGlyphOutlineA
GetGlyphOutlineW
Chord
GetMapMode
Polyline
SetPaletteEntries
CreateRectRgn
SetSystemPaletteUse
PolylineTo
SetBrushOrgEx
InvertRgn
SetTextJustification
SetWindowExtEx
PlayMetaFileRecord
SetMetaRgn
PlayEnhMetaFile
StrokePath
CreatePalette
CreateDCW
SetMapMode
Escape
GetTextCharacterExtra
DeleteEnhMetaFile
GetObjectA
EnumMetaFile
ResetDCA
GetTextMetricsA
EndPath
CreateMetaFileA
SetDIBColorTable
GetObjectType
StrokeAndFillPath
ExtCreatePen
GetNearestColor
CloseEnhMetaFile
GetViewportOrgEx
IntersectClipRect
GetPath
GetBitmapDimensionEx
GetWindowExtEx
GetLayout
SetROP2

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

716a76b090682710038f3467b003b145

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB