35682e97f016fc035d9cd9df39674d66_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

35682e97f016fc035d9cd9df39674d66_JaffaCakes118
Size

57KB
MD5

35682e97f016fc035d9cd9df39674d66
SHA1

e34ff3bb6c6649832a983157c752301fe4dfe6ec
SHA256

32ad245e6aa653dea1218f7aab97c29e341fb05b8ef87f3f9d2ef905ffc50e49
SHA512

8d3b7a6afb174785a3495559c951826ff8ae6f235ff4a7f24bcd4b8e2fe9f79d51dbaead8ebc0830b550826de54d8965af5d3d7f3b9a75a2b7d9cddc56d29946
SSDEEP

768:Wl6EKoT6U80wHuSWhGVE0JRqKuF3XvH3lS9lYj3gy2ln8D4P9Czg4uQQRg4y:Wl6KSHfWEEykKa3tRClo4PNHQQRg4y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35682e97f016fc035d9cd9df39674d66_JaffaCakes118

Files

35682e97f016fc035d9cd9df39674d66_JaffaCakes118
.dll windows:4 windows x86 arch:x86

da1943b598d950933d3bbf60ce2c6cd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHCreateShellPalette
SHCreateStreamOnFileA
SHCreateStreamOnFileW
ord16
SHDeleteEmptyKeyA
SHDeleteEmptyKeyW
SHDeleteKeyA
SHDeleteKeyW
SHDeleteValueA
SHDeleteValueW
SHEnumKeyExA
SHEnumKeyExW
SHEnumValueA
SHStrDupA
SHSkipJunction
SHSetValueW
SHSetValueA
SHSetThreadRef
SHRegWriteUSValueW
SHRegWriteUSValueA
SHRegSetUSValueW
SHRegSetUSValueA
SHRegSetPathW
SHRegSetPathA
SHRegQueryUSValueW
SHRegQueryUSValueA
SHRegQueryInfoUSKeyW
SHCopyKeyW
SHRegOpenUSKeyW
SHRegOpenUSKeyA
SHRegGetUSValueW
SHRegGetUSValueA
SHRegGetPathW
SHRegGetPathA
SHRegGetBoolUSValueW
SHRegGetBoolUSValueA
SHRegEnumUSValueW
SHRegEnumUSValueA
SHRegEnumUSKeyW
SHRegEnumUSKeyA
SHRegDuplicateHKey
SHRegDeleteUSValueW
SHRegDeleteUSValueA
SHRegDeleteEmptyUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegCreateUSKeyW
SHRegCreateUSKeyA
SHEnumValueW
SHGetInverseCMAP
SHGetThreadRef
SHGetValueA
SHGetValueW
SHIsLowMemoryMachine
SHRegCloseUSKey
SHQueryValueExW
SHCopyKeyA
SHRegQueryInfoUSKeyA
SHQueryValueExA
SHQueryInfoKeyW
SHOpenRegStream2A
SHOpenRegStream2W
SHOpenRegStreamA
SHOpenRegStreamW
SHQueryInfoKeyA
SHStrDupW

kernel32

CreateEventW
FindFirstChangeNotificationW
ResumeThread
SetThreadPriority
CreateThread
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
OpenEventW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
GetCurrentProcess
GetCommandLineA
HeapFree
FindNextChangeNotification
HeapAlloc
GetProcessHeap
GetStartupInfoA
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WaitForMultipleObjects
Sleep
CloseHandle
FindCloseChangeNotification
GetVersionExA
SetProcessShutdownParameters
GetConsoleCursorInfo
lstrlenW
ExpandEnvironmentStringsW
LocalAlloc
SetEvent
LocalReAlloc
FindClose
FindNextFileW
CompareStringW
lstrcmpiW
GetLastError
FindFirstFileW
LeaveCriticalSection
EnterCriticalSection
ExitThread
Beep
SetUnhandledExceptionFilter
LocalFree
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetLocaleInfoA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
VirtualQuery
InterlockedExchange
RtlUnwind
GetEnvironmentVariableW

ole32

CoInitialize

user32

SetWindowPos
GetDesktopWindow
GetParent
LoadStringW
SetForegroundWindow
CheckDlgButton
SendMessageW
GetClientRect
GetDlgItem
EndDialog
PostMessageW
IsDlgButtonChecked
SendDlgItemMessageW
SetDlgItemTextW
DestroyIcon
GetWindowRect
SetTimer
LoadImageW
DialogBoxParamW
MessageBoxW
DefWindowProcW
LoadIconW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
CreateWindowExW
RegisterClassW
GetWindowLongW
GetSystemMetrics
KillTimer

advapi32

RegNotifyChangeKeyValue
RegCloseKey
RegQueryValueExW
GetAce
RegOpenKeyExW

msvcrt

memset

shell32

SHGetFileInfoW
Shell_NotifyIconW

winmm

mmioRead

setupapi

CM_Request_Eject_PC
CM_Request_Device_Eject_ExW
CM_Request_Device_Eject_ExA
CM_Request_Device_EjectW
CM_Request_Device_EjectA
CM_Remove_SubTree_Ex
CM_Remove_SubTree
CM_Register_Device_Interface_ExW
CM_Register_Device_Interface_ExA
CM_Register_Device_InterfaceW
CM_Register_Device_InterfaceA
CM_Register_Device_Driver_Ex
CM_Register_Device_Driver
CM_Reenumerate_DevNode_Ex
CM_Reenumerate_DevNode
CM_Query_Resource_Conflict_List
CM_Query_Remove_SubTree_Ex
CM_Query_Remove_SubTree
CM_Query_Arbitrator_Free_Size_Ex
CM_Query_Arbitrator_Free_Size
CM_Query_Arbitrator_Free_Data_Ex
CM_Query_Arbitrator_Free_Data
CM_Query_And_Remove_SubTree_ExW
CM_Query_And_Remove_SubTree_ExA
CM_Query_And_Remove_SubTreeW
CM_Query_And_Remove_SubTreeA
CM_Open_DevNode_Key_Ex
CM_Open_DevNode_Key
CM_Open_Class_Key_ExW
CM_Open_Class_Key_ExA
CM_Open_Class_KeyW
CM_Open_Class_KeyA
CM_Next_Range
CM_Move_DevNode_Ex
CM_Move_DevNode
CM_Modify_Res_Des_Ex
CM_Modify_Res_Des
CM_Merge_Range_List
CM_Locate_DevNode_ExW
CM_Locate_DevNode_ExA
CM_Locate_DevNodeW
CM_Locate_DevNodeA
CM_Request_Eject_PC_Ex

Exports

Exports

cezkom

Sections

.text
Size: 44KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da1943b598d950933d3bbf60ce2c6cd0

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

user32

advapi32

msvcrt

shell32

winmm

setupapi

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 134KB

.rdata Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 1B

.rdata Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rdata Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 134KB

.rdata
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 1B

.rdata
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rdata
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 1KB - Virtual size: 1KB