2d7bfe14a450d713261ea72c313dfff1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d7bfe14a450d713261ea72c313dfff1_JaffaCakes118
Size

66KB
MD5

2d7bfe14a450d713261ea72c313dfff1
SHA1

c4c677798b8c5d513b9e6c9b58dadb71be923e27
SHA256

1a4b284374f2665e9b717658e2f54dfae119b2069e88876c05a0e75e283241ee
SHA512

29560e85aa22f55ca0e1c19c8d2e936ef8f4b4bb6f40928bccf1aee7e2bfed330950060452f7b840c278e59502714bc44c36af3a6e485865781fdce37a12d609
SSDEEP

1536:sQTJbJZdtHPfjJOIDZ0rEX8XVDNTy2a5w7hgmL:sQTJbJDtvXZkGvS7h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d7bfe14a450d713261ea72c313dfff1_JaffaCakes118

Files

2d7bfe14a450d713261ea72c313dfff1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

75ffe65dee71dd6cebf26cc52d3e9995

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WinExec
LockResource
SizeofResource
LoadResource
FindResourceA
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
GetEnvironmentVariableA
RemoveDirectoryA
GetWindowsDirectoryA
FindNextFileA
FindFirstFileA
ReleaseMutex
WriteFile
MoveFileExA
CopyFileA
lstrlenW
LoadLibraryExA
SetErrorMode
LocalFree
GetSystemDirectoryA
SetFilePointer
ReadFile
CreateFileA
DeviceIoControl
GetVersionExA
lstrcpyA
lstrcatA
GetPrivateProfileStringA
GetPrivateProfileSectionA
DeleteFileA
GetTempPathA
GetTempFileNameA
WaitForSingleObject
GetTickCount
CreateMutexA
GetLastError
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
GetShortPathNameA
DisableThreadLibraryCalls
GetModuleFileNameA
FindClose

user32

CallWindowProcW
EndDialog
GetParent
GetPropA
FindWindowExA
wsprintfA
SetWindowTextA
SetTimer
PostMessageA
DialogBoxParamA
KillTimer
SendMessageA
SetDlgItemTextA
MessageBoxA
GetWindowTextA
GetDlgItem
GetDesktopWindow
EndPaint
GetSysColor
PtInRect
GetMessagePos
GetWindowRect
BeginPaint
SetCursor
LoadCursorA
ReleaseCapture
SetCapture
GetCapture
GetAncestor
InvalidateRect
IsWindow
DrawIcon
ScreenToClient
LoadIconA
RemovePropA
SetPropA
LoadStringA
CallWindowProcA
IsWindowUnicode
SetWindowLongW
SetWindowLongA

gdi32

GetObjectA
CreateFontIndirectA
SelectObject
SetBkMode
SetBkColor
TextOutA
SetTextColor
DeleteObject

advapi32

RegSetValueExA
RegOpenKeyA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ole32

OleInitialize
OleUninitialize
CoGetMalloc
StringFromIID

oleaut32

LoadTypeLi
SysAllocString
RegisterTypeLi
SysFreeString

shlwapi

SHRegEnumUSKeyA
SHRegCloseUSKey
SHSetValueA
SHRegOpenUSKeyA
SHGetValueA
SHDeleteValueA
SHDeleteEmptyKeyA
SHDeleteKeyA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

urlmon

URLDownloadToFileA

msvcrt

_itoa
memset
??2@YAPAXI@Z
memcmp
strcat
strcpy
strlen
_snprintf
_mbsicmp
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
_CxxThrowException
toupper
tolower
memmove
atoi
atol
_ftol
_stricmp
__CxxFrameHandler
rewind
fgets
_strnicmp
fprintf
fwrite
strchr
memchr
fseek
ftell
strncmp
??3@YAXPAX@Z
time
sprintf
sscanf
strncat
free
fopen
fread
fclose
strstr
malloc
_except_handler3
_beginthreadex
strncpy
strrchr
memcpy
strcmp

setupapi

SetupIterateCabinetA

wininet

InternetGetConnectedState
InternetCrackUrlA

Exports

Exports

Action
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EventInvoke
Install
SetSysInfo
Version

Sections

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.autoliv
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75ffe65dee71dd6cebf26cc52d3e9995

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

version

urlmon

msvcrt

setupapi

wininet

Exports

Exports

Sections

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 36KB - Virtual size: 43KB

.autoliv Size: 512B - Virtual size: 4B

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 4KB - Virtual size: 3KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 36KB - Virtual size: 43KB

.autoliv
Size: 512B - Virtual size: 4B

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 4KB - Virtual size: 3KB