2eec07d4f72d1c189161e58ca8732540_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2eec07d4f72d1c189161e58ca8732540_JaffaCakes118
Size

117KB
MD5

2eec07d4f72d1c189161e58ca8732540
SHA1

9841ae1a3c6cfe6f1b98a4d0501b8573bc6f29f3
SHA256

c46f615a75d964684248c133ba1eda96b271cd3cdb4234846737bbcc3318b832
SHA512

8e063a822b7469b6efc1cd62a1e6a4ee2872e8260c9e7f1b07f19cbaeb0c584e6769a611803dd82edfcd2ed1845c6b1435a58787390460ec1e9d224b0aacbcaf
SSDEEP

3072:Ra98ROONoYadq8Gcc5rD96I2rJcl5m9lOM:0GOOSxGxpDMQWlOM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eec07d4f72d1c189161e58ca8732540_JaffaCakes118

Files

2eec07d4f72d1c189161e58ca8732540_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

32393916e7ca1c780963a6237e7e2b63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
GetThreadLocale
GetVersionExA
WideCharToMultiByte
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
GetModuleFileNameA
CreateMutexA
CreateFileA
WriteFile
FlushFileBuffers
GetFileSize
CreateFileMappingA
GetModuleHandleA
lstrcpyA
RaiseException
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
GetLastError
GetLocalTime
SystemTimeToFileTime
MultiByteToWideChar
GlobalAlloc
GlobalFree
GetACP
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcatA
QueryPerformanceCounter
SetUnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
SetFilePointer
InterlockedExchange
GetCurrentProcess
OpenFileMappingA
OpenEventA
CloseHandle
OpenMutexA
ResetEvent
SetEvent
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
WaitForSingleObject
LocalFree
lstrlenW
UnhandledExceptionFilter
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
TlsGetValue
TlsSetValue
TlsFree
GetStringTypeA
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCurrentThreadId
GetCommandLineA
RtlUnwind
ExitProcess
HeapCreate
VirtualFree
IsBadWritePtr
GetProcAddress
TerminateProcess
TlsAlloc
SetLastError
GetTickCount

user32

CharNextA

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

SHGetFileInfoA

ole32

CreateStreamOnHGlobal
StringFromGUID2
CoCreateInstance
StringFromCLSID
CoTaskMemFree

oleaut32

UnRegisterTypeLi
RegisterTypeLi
VariantCopy
DispCallFunc
VariantClear
VariantInit
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysStringLen
VariantChangeType
SysAllocString
VarUI4FromStr

shlwapi

PathAppendA
PathRemoveFileSpecA
SHDeleteKeyA
PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32393916e7ca1c780963a6237e7e2b63

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 8KB