3917b5a52a801840c4821b1238ca9f49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3917b5a52a801840c4821b1238ca9f49_JaffaCakes118
Size

72KB
MD5

3917b5a52a801840c4821b1238ca9f49
SHA1

2f8d6a1bafd1f403e8fa7d0ce9b55a69e467bcfb
SHA256

944e1115c9985b93f176c8cae080a90207d4a07fceb647b9a0d143c115e22aa9
SHA512

f23786c26eeef67692361188604d5a9902692b8d7dc06b5de10ac2aa910a9016c159372495f9a8b0983237f3d23c2ba661a79dadd0c3e8045375b9831ec2f321
SSDEEP

1536:wFJe5+zOxV0qJHru4BJh+wTH7yiR665xKdVe/Y9aayqOH:wFuHUqBFBJhVb5fqVe/Y9aDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3917b5a52a801840c4821b1238ca9f49_JaffaCakes118

Files

3917b5a52a801840c4821b1238ca9f49_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

340aa5492b17f4840766efdc3dd5626d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

WSACleanup
ntohl
gethostbyname
gethostname
WSAStartup
inet_addr

gdi32

SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
SetWindowOrgEx
DeleteDC
SetViewportOrgEx
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
CreateRectRgnIndirect
DeleteMetaFile
CreateDCA
RestoreDC

kernel32

LoadLibraryExA
EnterCriticalSection
lstrlenW
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
DisableThreadLibraryCalls
DeleteCriticalSection
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
LeaveCriticalSection
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
InitializeCriticalSection
lstrcatA
GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
lstrcpyA

ole32

OleRegEnumVerbs
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
WriteClassStm
OleRegGetMiscStatus
OleLoadFromStream
CoTaskMemRealloc
CreateDataAdviseHolder
OleRegGetUserType

oleaut32

VariantChangeType
OleCreatePropertyFrame
VariantClear
SysAllocStringLen
LoadTypeLi
SafeArrayCreate
SysStringLen
LoadRegTypeLi
SysFreeString
SysAllocString
SysStringByteLen
SysAllocStringByteLen
RegisterTypeLi
VarUI4FromStr

user32

GetDC
IsWindow
SetFocus
ShowWindow
GetParent
InvalidateRect
GetKeyState
PtInRect
UnionRect
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetWindowLongA
GetWindowLongA
CallWindowProcA
CreateWindowExA
GetClientRect
EndPaint
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
BeginPaint
ReleaseDC
DefWindowProcA
CharNextA
DestroyWindow

advapi32

RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteKeyA

winmm

timeGetTime

msvcrt

malloc
swscanf
strlen
memcpy
wcslen
wcscpy
free
memcmp
memset
swprintf
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
_purecall
__CxxFrameHandler
_EH_prolog

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

340aa5492b17f4840766efdc3dd5626d

Headers

File Characteristics

Imports

wsock32

gdi32

kernel32

ole32

oleaut32

user32

advapi32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB