3efd97798db1227960dd5c23fe6d34b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3efd97798db1227960dd5c23fe6d34b6_JaffaCakes118
Size

148KB
MD5

3efd97798db1227960dd5c23fe6d34b6
SHA1

6a23166227318099f5b14fdd6235650850949dda
SHA256

ceac68c88fdc169327f3826a8aae8f345694cf12e99ca093666959fbcfe9f1c6
SHA512

1e43ac08005e709db3e6fd845ccf5b49ee995c4e92ab5fb69ad519e95240f604be0cb443b7b5d30ecb037867bd3fe710bb242dec29cdbc9b20eff33fe7abdbf5
SSDEEP

3072:H1VkvX31SpdGzNJ1reoPOs0BzR+oU6VtJau+F:vkvU7GzNJ4XgGVSx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3efd97798db1227960dd5c23fe6d34b6_JaffaCakes118

Files

3efd97798db1227960dd5c23fe6d34b6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

80532fc54e3bbfe9d49fd44b3b1a9f2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

HttpQueryInfoA
InternetCloseHandle
InternetReadFile
InternetOpenA
InternetSetOptionA
InternetOpenUrlA

oleaut32

GetErrorInfo
VariantClear
SysAllocString
SysFreeString

msvcrt

_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strtol
atoi
tmpnam
fopen
fwrite
fclose
ispunct
free
srand
isalpha
isgraph
_stricmp
isalnum
strtok
toupper
isupper
strerror
islower
isxdigit
__mb_cur_max
malloc
wctomb
wcscmp
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
tolower
wcslen
??0exception@@QAE@ABV0@@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
strncpy
strchr
__CxxFrameHandler
printf
isspace
strstr
_adjust_fdiv

user32

EnumChildWindows
EnumWindows
KillTimer
SetTimer
DefWindowProcA
OpenClipboard
CloseClipboard
GetWindowThreadProcessId
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
SetWindowPos
wsprintfA
GetClassNameA
RegisterClassExA

advapi32

SetEntriesInAclA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
GetSecurityInfo
RegCloseKey

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

winmm

timeGetTime

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

rpcrt4

UuidToStringA

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoCreateGuid

kernel32

QueryPerformanceFrequency
GetTickCount
CloseHandle
OpenProcess
SleepEx
GetModuleFileNameA
GetThreadTimes
GetCurrentThread
GetVersionExA
GetProcessTimes
GetCurrentProcess
WriteProcessMemory
HeapFree
GetVersion
GetLastError
SetLastError
lstrlenA
GetFullPathNameA
GetProcessHeap
HeapSize
HeapAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualAllocEx
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetCurrentProcessId
Sleep
LocalFree
FormatMessageA
GetEnvironmentVariableA
GetCurrentDirectoryA
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
lstrcpyA
GetModuleHandleA
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcpynA
QueryPerformanceCounter
lstrcmpiA
CreateRemoteThread
GetLocalTime
GetSystemInfo
MultiByteToWideChar
CreateFileA
lstrcmpA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80532fc54e3bbfe9d49fd44b3b1a9f2a

Headers

File Characteristics

Imports

wininet

oleaut32

msvcrt

user32

advapi32

netapi32

version

winmm

psapi

rpcrt4

shlwapi

ole32

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 20KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 20KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 7KB