353f11231547f824a02ae2f6653b4a38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

353f11231547f824a02ae2f6653b4a38_JaffaCakes118
Size

200KB
MD5

353f11231547f824a02ae2f6653b4a38
SHA1

5981cfec667497bdfd21133bb17643d2010207c2
SHA256

6188613a782c849f68cf26b2c4254a37a891f67e760741f2e2efa8b20f376610
SHA512

ee1533340e5ee7f00fb7fa0954d187fc234ddbaaf4650f6f940f7209f02cc818ff6e84e1a9db6d4138b6590f7b94d00a3af69d6cd8583e427dbc32d60b9a2394
SSDEEP

6144:5fo5rJAq8n8yIqEbGEdElwsoKYPouK2N:SJ+qYIlbHgFoKYQuxN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
353f11231547f824a02ae2f6653b4a38_JaffaCakes118

Files

353f11231547f824a02ae2f6653b4a38_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

1c43af31598ff2e7e3dc1c619453e230

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

oeimport.pdb

Imports

msoert2

CreateStreamOnHFile
HrCopyStream
FIsEmptyA
PszDupA
HrByteToStream
UlStripWhitespace
PszToUnicode
StrTokEx

ole32

CLSIDFromString
CoCreateInstance
CoTaskMemRealloc
CoGetMalloc

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
CryptAcquireContextA
RegEnumKeyExA

gdi32

DeleteObject

kernel32

VirtualProtect
LoadLibraryA
lstrcpynA
lstrlenA
ExpandEnvironmentStringsA
FreeLibrary
GetProcAddress
FindClose
FindFirstFileA
UnmapViewOfFile
lstrcmpA
MapViewOfFile
CloseHandle
CreateFileMappingA
GetFileSize
CreateFileA
GetPrivateProfileStringA
GetProfileStringA
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
lstrcmpiA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersionExA
WideCharToMultiByte
SetLastError
GetModuleFileNameA
GetSystemInfo
GetEnvironmentVariableA
GetLastError
GetFileAttributesA
GetTimeZoneInformation
FindNextFileA
ReadFile
TlsSetValue
GetCommandLineA
ExitProcess
GetModuleHandleA
TlsFree
TlsGetValue
TlsAlloc
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualQuery
HeapCreate
VirtualFree
WriteFile
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind
InterlockedExchange
HeapDestroy

user32

CreateDialogParamA
EndDialog
SetCursor
LoadCursorA
SendDlgItemMessageA
DialogBoxParamA
LoadBitmapA
GetSystemMetrics
GetWindowRect
MessageBoxA
GetWindowLongA
SetFocus
GetParent
GetWindowTextA
SetDlgItemTextA
GetDlgItemTextA
CharPrevA
DestroyWindow
SendMessageA
LoadStringA
KillTimer
SetWindowLongA
PeekMessageA
TranslateMessage
DispatchMessageA
GetDlgItem
SetWindowTextA
ShowWindow
SetTimer
PostMessageA
EnableWindow

comctl32

ImageList_AddMasked
CreatePropertySheetPageA
PropertySheetA
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Create

shlwapi

SHGetValueA
StrCmpNIA
StrStrIA
PathRemoveFileSpecA
StrCatBuffA
wnsprintfA
PathRemoveExtensionA
PathFileExistsA
PathAddBackslashA
SHSetValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ExportMessages
PerformImport
PerformMigration

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c43af31598ff2e7e3dc1c619453e230

Headers

File Characteristics

PDB Paths

Imports

msoert2

ole32

advapi32

gdi32

kernel32

user32

comctl32

shlwapi

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 103KB - Virtual size: 103KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 84KB - Virtual size: 83KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 103KB - Virtual size: 103KB

.reloc
Size: 8KB - Virtual size: 8KB