30d0b2c3e5e6b3ffe570622b89de84e4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

30d0b2c3e5e6b3ffe570622b89de84e4_JaffaCakes118
Size

147KB
MD5

30d0b2c3e5e6b3ffe570622b89de84e4
SHA1

7e914291f8a9c2ece7e71da1c7fb5dabe8415a9e
SHA256

8eb1af06b87a84b2455ee4859a081fd8b5371b26a3de2a4d3baa6f2ed8df7d37
SHA512

64af3b8bdb3a559d1ecd40d5e4ebeb81d8ff8e5278f4e26301493ed77df79750793a4226733b896b95e9800daf41cfb340230fc6ac97d1171ee1f3568e0f1fb7
SSDEEP

3072:yEG17mlgGvvt0YkPZ4jWIPuwltasGkH+JqglNR0JLni:tGxmd0HZ4xPtlj0RM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30d0b2c3e5e6b3ffe570622b89de84e4_JaffaCakes118

Files

30d0b2c3e5e6b3ffe570622b89de84e4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

31013f732b9d147355e72215dc6be06a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHGetValueA
PathFileExistsA
SHDeleteValueA
PathFindExtensionA
SHSetValueA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetCheckConnectionA

ole32

CoTaskMemRealloc
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateGuid
CoInitialize
CoCreateInstance

rpcrt4

UuidToStringA

urlmon

URLDownloadToFileA

kernel32

IsBadCodePtr
IsBadReadPtr
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
GetStartupInfoA
GetFileType
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
GetModuleFileNameA
lstrcpynA
lstrcatA
GetEnvironmentVariableA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
LockResource
FindResourceExA
Sleep
GetSystemTime
SetFileAttributesA
DeleteFileA
CloseHandle
ReadFile
CreateFileA
GetTickCount
GetTempPathA
WriteFile
GetFileSize
CreateProcessA
GetWindowsDirectoryA
FindNextFileA
FindFirstFileA
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
SetUnhandledExceptionFilter
SetStdHandle
FlushFileBuffers
LoadLibraryA
SetEndOfFile
HeapCreate
SetEnvironmentVariableA
VirtualFree
IsBadWritePtr
TerminateProcess
lstrcpyA
LCMapStringW
LCMapStringA
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
ExitProcess
GetCommandLineA
GetCurrentThreadId
CreateThread
ResumeThread
ExitThread
GetDateFormatA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
LocalFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetCurrentProcess

user32

CharNextA

advapi32

RegOpenKeyA
RegEnumValueA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VarBstrCmp
VariantCopy
SysStringLen
LoadRegTypeLi
VariantInit
DispCallFunc
VariantClear
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysAllocStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31013f732b9d147355e72215dc6be06a

Headers

File Characteristics

Imports

shlwapi

version

wininet

ole32

rpcrt4

urlmon

kernel32

user32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 988KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 988KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 10KB