342b72375ae6b7e8f7ef55277e115dfa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

342b72375ae6b7e8f7ef55277e115dfa_JaffaCakes118
Size

116KB
MD5

342b72375ae6b7e8f7ef55277e115dfa
SHA1

4fb1b33d593c0e2e2dfa640c892d104ff58f45f4
SHA256

2a82abdd51508d72a4b64e9d5f997a4ce699380bf0500125bb49b3a47f1ffc48
SHA512

e9b2dd5eafd609213a50c4497874853a667dedb3bde170a7dca6b404bbf2dd8279fee1153a817d57d5ef7db4c5570fe2afaeaf8f2680bb1f444139a7f216ce07
SSDEEP

3072:IBaVJFHBIN8CE3Z9uHDUcFtLZpzSsZwqf+M2r33bono7r/gp8Ll:IO7HBEE3Pubz5GzC8Ll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
342b72375ae6b7e8f7ef55277e115dfa_JaffaCakes118

Files

342b72375ae6b7e8f7ef55277e115dfa_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f0ffb80694bc324f58c8a8d64676a079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BindIoCompletionCallback
SetVolumeLabelA
GetFileAttributesExW
GetVersion
SetEnvironmentVariableW
LCMapStringA
GetCommandLineA
EnumResourceLanguagesA
GetTimeFormatW
GetSystemWindowsDirectoryA
GetFileAttributesExA
SetConsoleTextAttribute
UnregisterWaitEx
FreeConsole
LocalAlloc
GetCPInfo
GetQueuedCompletionStatus
FindAtomW
GlobalFindAtomA
GetVolumeInformationA
LocalSize
OpenMutexW
WriteConsoleW
FileTimeToLocalFileTime
HeapDestroy
SetConsoleActiveScreenBuffer
MapViewOfFileEx
OpenFile
SetErrorMode
CreateToolhelp32Snapshot
GetLongPathNameW
SetDefaultCommConfigW
CreateDirectoryW
WriteConsoleInputA
CreatePipe
GetCurrentThreadId
CreateTimerQueue
SetConsoleMode
FreeEnvironmentStringsW
TerminateJobObject
GetSystemWow64DirectoryW
SleepEx
HeapCompact
SetLastError
GetConsoleCP
OpenFileMappingA
SetFilePointer
FindFirstFileA
AddAtomW
GetProfileSectionA
GetComputerNameW
FillConsoleOutputAttribute
ReadProcessMemory
ReadConsoleA
FlushConsoleInputBuffer
lstrcmpW
SearchPathW
WaitNamedPipeA
VerifyVersionInfoW
SetVolumeMountPointW
HeapReAlloc
ConnectNamedPipe
SetTimeZoneInformation
FillConsoleOutputCharacterW
PurgeComm
CreateWaitableTimerA
GetHandleInformation
GetThreadLocale
WaitForSingleObjectEx
ClearCommError
CreateMailslotW
GetFileInformationByHandle
CancelWaitableTimer
FileTimeToDosDateTime
CreateConsoleScreenBuffer
FindResourceExW
ExpandEnvironmentStringsW
VerifyVersionInfoA
LocalReAlloc
SearchPathA
WideCharToMultiByte
GetSystemDirectoryA
EnumSystemLocalesA
GetUserDefaultLangID
GetConsoleScreenBufferInfo
lstrcmpiA
IsValidLocale
CallNamedPipeA
IsProcessorFeaturePresent
DisconnectNamedPipe
GetDiskFreeSpaceExW
GetThreadPriority
SetNamedPipeHandleState
SetStdHandle
ReleaseSemaphore
GetNumberFormatA
CreateEventA
DosDateTimeToFileTime
GetSystemInfo
HeapSetInformation
OpenEventA
GlobalGetAtomNameW
GetUserDefaultLCID
ReadConsoleInputA
GetVolumeInformationW
SetWaitableTimer
GlobalHandle
WaitNamedPipeW
GetDateFormatW
lstrcpyW
RemoveDirectoryA
GlobalFindAtomW
SetComputerNameExW
ProcessIdToSessionId
VerLanguageNameW
EnumResourceNamesA
LeaveCriticalSection
MoveFileA
LocalFree
GetComputerNameA
CloseHandle
GetProcessHeap
VirtualQuery
InterlockedDecrement
CreateThread
DeleteFileA
MapViewOfFile
WriteFile
GlobalAlloc
LoadLibraryA
GetModuleHandleA
WaitForSingleObject
ExpandEnvironmentStringsA
HeapFree
GetSystemTimeAsFileTime
CreateFileA
GetLastError
CopyFileA
InitializeCriticalSection
GetTickCount
GetProcAddress
HeapAlloc
ReadFile
EnterCriticalSection
Sleep
GetModuleFileNameA
CreateFileW
InterlockedExchange

ole32

CoUnmarshalInterface
CoGetMarshalSizeMax
OleSetMenuDescriptor
CoRegisterMessageFilter
OleInitialize
OleRegGetUserType
CoCreateFreeThreadedMarshaler
CreateItemMoniker
CoInitializeEx
CreateFileMoniker
OleQueryLinkFromData
OleRegEnumVerbs
ReadFmtUserTypeStg
OleCreateLinkToFile
CoMarshalInterface
BindMoniker
OleIsRunning
CoSwitchCallContext
GetRunningObjectTable
CoTaskMemRealloc
StgCreateDocfileOnILockBytes
CreateGenericComposite
OleCreate
CoInitialize
CoTaskMemFree
CoUninitialize
CoCreateInstance
OleSetContainedObject

user32

GetMonitorInfoA
GetThreadDesktop
SetScrollInfo
wsprintfW
EnumThreadWindows
MonitorFromPoint
AppendMenuW
GetWindowInfo
CharPrevW
IsCharAlphaNumericW
RedrawWindow
DrawAnimatedRects
DestroyWindow
ReleaseCapture
GetScrollBarInfo
FindWindowExA
GetWindowDC
SystemParametersInfoW
UnpackDDElParam
GetComboBoxInfo
WindowFromDC
GetWindowTextA
FreeDDElParam
ChangeDisplaySettingsExW
DefMDIChildProcW
SetSysColors
SetDlgItemTextW
CreateDialogIndirectParamW
UnregisterClassA
PeekMessageW
IsCharAlphaW
FlashWindow
GetMenu
InvalidateRect
EnumDisplaySettingsA
GetMessagePos
CharLowerBuffW
GetIconInfo
MoveWindow
LoadImageA
ReleaseDC
MessageBoxW
CharLowerBuffA
GetDlgItemInt
GetSubMenu
GetParent
CharUpperBuffW
InvertRect
SetTimer
PostQuitMessage
SetScrollRange
IsRectEmpty
SetMenu
MessageBoxExA
CreateDialogIndirectParamA
DestroyCursor
EnableWindow
GetWindowWord
PtInRect
TrackMouseEvent
GetMenuStringA
AppendMenuA
OpenWindowStationA
CreateWindowExW
DeleteMenu
GetClassLongA
IsWindow
DefFrameProcA
HideCaret
ToUnicodeEx
LoadCursorA
CharToOemBuffA
GetSystemMetrics
SetParent
BringWindowToTop
GetWindowTextLengthW
FillRect
GetMenuStringW
CallMsgFilterW
WinHelpW
WaitMessage
InternalGetWindowText
SetRectEmpty
IsCharAlphaNumericA
CharLowerW
TabbedTextOutA
DispatchMessageW
DrawMenuBar
GetFocus
SetClassLongW
IsDlgButtonChecked
GetCursorPos
SetWindowTextA
SetDlgItemInt
GetUpdateRgn
GetCapture
AllowSetForegroundWindow
RemoveMenu
CreateMenu
ChangeDisplaySettingsW
CopyIcon
CreateAcceleratorTableA
DrawIconEx
LoadIconW
GetAsyncKeyState
CharNextA
SetWindowContextHelpId
MapVirtualKeyA
SendNotifyMessageA
CharUpperBuffA
TabbedTextOutW
CloseDesktop
GetProcessWindowStation
SetProcessWindowStation
CharToOemW
SubtractRect
UnhookWindowsHookEx
CallNextHookEx
GetWindowThreadProcessId
SendMessageA
GetMessageA
DefWindowProcA
CreateWindowExA
FindWindowA
DispatchMessageA
ReuseDDElParam

shlwapi

SHAutoComplete
StrCmpNW
StrCmpNIA
PathRemoveExtensionW
UrlEscapeW
StrRChrW
PathSkipRootW
PathFindFileNameW
StrStrIA
SHRegSetUSValueW
UrlCombineW
StrFormatKBSizeW
SHRegGetUSValueW
PathFindNextComponentW
PathGetArgsW
StrRetToBufW
PathIsFileSpecW
SHRegGetBoolUSValueW
StrChrA
PathIsURLW
SHDeleteValueW
PathFileExistsW
PathRemoveFileSpecW
StrTrimW
StrCmpW
PathAddBackslashW
SHDeleteKeyW
StrCatBuffA
PathAppendA
PathIsUNCServerShareW
wnsprintfW
PathAddBackslashA
PathAddExtensionW
StrStrIW
SHDeleteKeyA
UrlUnescapeW
UrlGetPartW

advapi32

SetNamedSecurityInfoA
RegSetValueExA
GetSecurityDescriptorSacl
ConvertSidToStringSidA
RegQueryInfoKeyA
RegCreateKeyExA
ReportEventW
CreateServiceA
ChangeServiceConfigW
UnlockServiceDatabase
QueryServiceStatus
RegEnumValueA
OpenEventLogW
RegRestoreKeyW
RegFlushKey
StartServiceA
RegQueryValueA
RegConnectRegistryW
EnumDependentServicesA
EnumServicesStatusW
RegSetValueA
RegConnectRegistryA
RegRestoreKeyA
RegLoadKeyA
GetNumberOfEventLogRecords
SetEntriesInAclA
MakeSelfRelativeSD
ChangeServiceConfig2W
RegUnLoadKeyW
GetUserNameA
ReadEventLogW
CreateProcessAsUserA
MakeAbsoluteSD
QueryServiceLockStatusA
RegEnumKeyW
QueryServiceConfigW
EnumDependentServicesW
RegisterServiceCtrlHandlerA
RegReplaceKeyW
OpenServiceW
RegDeleteValueA
RegOpenKeyExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0ffb80694bc324f58c8a8d64676a079

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB