2e1e2c0f98a2983dbee67548cea1df1e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2e1e2c0f98a2983dbee67548cea1df1e_JaffaCakes118
Size

668KB
MD5

2e1e2c0f98a2983dbee67548cea1df1e
SHA1

110bdb69660f1ebb541f713ae6b3e07ac4c394cc
SHA256

ee869380b3ac2665ab5d3a902349888ea9a5ce4062e19b73284e12ef20a7b5d7
SHA512

6d2f27bc40433aa88937908c739c334c25a040810ccfaf7174003f38bfc9b86fcf62eef12dc755ee7ce3091b9a769b5506a8c1139ebddde284dd8bc76311d6af
SSDEEP

12288:ygYR0q+rgysayaplIjo/+C7DvZwPQ5RQhBnhd0Bp7VQI3hj4DJMDLEahKQnaj1uv:tq+MybyMujo/+mDvZwPQ5Inhd0bWyT40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e1e2c0f98a2983dbee67548cea1df1e_JaffaCakes118

Files

2e1e2c0f98a2983dbee67548cea1df1e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

de4bee127d0ab8c4a3c9ba0b8e0889b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlUnescapeW
UrlGetPartW
UrlEscapeW
StrStrIW
PathIsDirectoryW
PathMatchSpecW
PathFileExistsW
StrCmpIW

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryA
SetLastError
GetDriveTypeA
GetProcessHeap
SetEndOfFile
CreateFileA
GetModuleHandleA
GetTimeZoneInformation
CreateFileW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
InterlockedDecrement
GetUserDefaultLCID
GetCurrentDirectoryA
SetFilePointer
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
GetACP
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFullPathNameW
Sleep
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
GetSystemInfo
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
GetSystemTime
InterlockedExchange
ReadFile
InterlockedIncrement
CompareStringA
CompareStringW
GetLocaleInfoA
GetLastError
HeapReAlloc
VirtualAlloc
WriteFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
SetEnvironmentVariableA
HeapFree
GetSystemTimeAsFileTime
ExitThread
CreateThread
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy

user32

EnumChildWindows
wsprintfW
RealGetWindowClassW
GetWindowTextW
SendMessageW
SetWindowLongW
CallWindowProcW
SetWindowPos
SetWindowTextW
GetWindowLongW

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoInitialize

oleaut32

VarBstrCmp
VariantClear
VariantChangeType
VariantCopy
SysStringLen
SysAllocString
VariantInit
SysFreeString

ws2_32

inet_addr

rpcrt4

UuidToStringW
RpcStringFreeW

advapi32

ImpersonateSelf
LookupPrivilegeValueW
OpenThreadToken
AdjustTokenPrivileges

shell32

SHCreateDirectoryExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de4bee127d0ab8c4a3c9ba0b8e0889b6

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

ole32

oleaut32

ws2_32

rpcrt4

advapi32

shell32

Exports

Exports

Sections

.text Size: 528KB - Virtual size: 528KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 6KB - Virtual size: 21KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 57KB - Virtual size: 56KB

.text
Size: 528KB - Virtual size: 528KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 6KB - Virtual size: 21KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 57KB - Virtual size: 56KB