2b1b4765b4f93eb10e8b496466c1af69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b1b4765b4f93eb10e8b496466c1af69_JaffaCakes118
Size

319KB
MD5

2b1b4765b4f93eb10e8b496466c1af69
SHA1

3592d34e2b12dbf6f20c342c5da8ee2c48652893
SHA256

f62010e2ac6db0bfd765b9a6f63e04754e377b63e5d2c248d3d83f0daaeb46be
SHA512

1a8b53286f3f3cb54d306fe23022d129127afc24c8de9f421bf3dd4c7356f47e5594a13a943082d42bf81e93239f1fc7f21eacd42772d1ab16962f1c13760b3e
SSDEEP

6144:TQ4B5Ip4OcrcJn9Qb+nOeT6qb0kl+KhY9wqBOk92PWW:TQKIp4jcJn9NT6S+Kmfi/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b1b4765b4f93eb10e8b496466c1af69_JaffaCakes118

Files

2b1b4765b4f93eb10e8b496466c1af69_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

b7a565d081a3035235509277359d5741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dxgi

CreateDXGIFactory

kernel32

GetLastError
GetModuleHandleA
MultiByteToWideChar
GlobalFree
GlobalUnlock
SetLastError
GlobalLock
GlobalAlloc
InterlockedDecrement
SetEvent
OpenEventA
LocalFree
FormatMessageA
CreateMutexA
ReleaseMutex
WideCharToMultiByte
lstrlenW
RaiseException
lstrlenA
DisableThreadLibraryCalls
GetSystemPowerStatus
GetExitCodeProcess
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
ReadFile
InitializeCriticalSectionAndSpinCount
CloseHandle
CreateProcessA
GetModuleFileNameA
WaitForSingleObject
TerminateProcess
LoadLibraryA
GetProcAddress
GetCurrentProcess
FreeLibrary
GetVersionExA
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
Sleep
GetLocaleInfoA
lstrcmpiA
GetModuleHandleW
SetFilePointer
GetConsoleMode
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
RtlUnwind
HeapFree
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCurrentThreadId
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
HeapDestroy
VirtualFree
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetConsoleCP

user32

CharNextW
CharNextA
FindWindowA
BroadcastSystemMessageA
GetDC
ReleaseDC
EnumDisplayDevicesA
GetSystemMetrics
RegisterWindowMessageA
PostMessageA
ChangeDisplaySettingsA
PostThreadMessageA

gdi32

CreateDCA
DeleteDC
GetDeviceCaps

advapi32

SetEntriesInAclA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegDeleteKeyA
GetSecurityInfo
AllocateAndInitializeSid
SetSecurityInfo
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
InstallTVWizard
UnInstallTVWizard
WinlogonUnlockEvent

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7a565d081a3035235509277359d5741

Headers

File Characteristics

Imports

dxgi

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 7KB - Virtual size: 17KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 7KB - Virtual size: 17KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 11KB - Virtual size: 10KB