2da81c96d522bcaf656eab61ccc222c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2da81c96d522bcaf656eab61ccc222c2_JaffaCakes118
Size

144KB
MD5

2da81c96d522bcaf656eab61ccc222c2
SHA1

9d4c9939f287884610cfb86886dfc5cd604fdd2b
SHA256

3b30c2b129fd0b74a2535015c345f393806dc53d653361dd7e690c4cf587e9a3
SHA512

1327b20b0a322bd814de839d010882a86926f8ad5ca391066f598e841879687731517e6167528d8e705653dbc7bf67cd916048fb0d56e62fcd85aa2222937cc6
SSDEEP

3072:Z1kVnCbhc28mGCnbp1DvhjzxZUKqTtX0upFxdAqJFTKVMLjcp4:I1khc287OlRvhlYXpHdAiTK8wp4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da81c96d522bcaf656eab61ccc222c2_JaffaCakes118

Files

2da81c96d522bcaf656eab61ccc222c2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9e0e4402e582fb849b4cfc366863f5cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowPos
SystemParametersInfoA
DispatchMessageA
TranslateMessage
OpenClipboard
ShowWindow
CloseClipboard
RegisterClassExA
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
DefWindowProcA
wsprintfA
SetTimer
KillTimer
CreateWindowExA
GetMessageA

rpcrt4

UuidToStringA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile
HttpQueryInfoA

netapi32

Netbios

advapi32

SetEntriesInAclA
SetSecurityInfo
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetSecurityInfo

winmm

timeGetTime

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateGuid
CoCreateInstance

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

msvcrt

isalpha
ispunct
islower
isgraph
strerror
toupper
strtok
??0exception@@QAE@ABV0@@Z
tolower
_CxxThrowException
??0exception@@QAE@XZ
??1exception@@UAE@XZ
fclose
fwrite
fopen
tmpnam
atoi
strtol
srand
strncpy
?what@exception@@UBEPBDXZ
wcslen
wcscmp
wctomb
__mb_cur_max
strstr
isupper
isalnum
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strchr
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
isxdigit
isspace
malloc
_stricmp
free
printf

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

oleaut32

VariantClear
SysFreeString
SysAllocString
GetErrorInfo

kernel32

GetCurrentProcess
GetProcessTimes
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
lstrcmpA
lstrcmpiA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetLocalTime
MultiByteToWideChar
CreateProcessA
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
MoveFileExA
FormatMessageA
LocalFree
lstrcpynA
GetEnvironmentVariableA
GetVersionExA
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentDirectoryA
lstrlenA
GetProcessHeap
HeapSize
DeleteFileA
HeapAlloc
CreateFileA
GetCurrentThread
GetThreadTimes
GetModuleHandleA
GetVersion
GetSystemInfo
SleepEx
lstrcpyA
GetWindowsDirectoryA
GetSystemDirectoryA
GetFullPathNameA
InterlockedExchange
QueryPerformanceFrequency
GetTickCount
CloseHandle
OpenProcess
GetLastError
SetLastError
GetModuleFileNameA
Sleep
HeapFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e0e4402e582fb849b4cfc366863f5cf

Headers

File Characteristics

Imports

user32

rpcrt4

version

wininet

netapi32

advapi32

winmm

ole32

shlwapi

msvcrt

psapi

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 6KB