3c8f9b0fdde826a31e6f5cef52f67c86_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3c8f9b0fdde826a31e6f5cef52f67c86_JaffaCakes118
Size

124KB
MD5

3c8f9b0fdde826a31e6f5cef52f67c86
SHA1

8eab1f37cf6dd26c6242160c70dc561b44b91b93
SHA256

9045d3e9f4937979932c3ba9f975dfa7fdd303391f43f23ff0d9dc098d4319fb
SHA512

49533160541638ea933a3748f6b454a8d034a8d592cb6856cacad375dd33fe8f9080aa4abc7ce79c321698269425b9339b56f02541eefc3c72a3e868500336cf
SSDEEP

3072:wB+3hLKxhWwCngPLln1WgE0hMcKkDivnRwiYsruA:wB0Kq5gPL7FxqeiJwqruA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c8f9b0fdde826a31e6f5cef52f67c86_JaffaCakes118

Files

3c8f9b0fdde826a31e6f5cef52f67c86_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7dda517e91a7cdcac3ac546e44dd2858

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindAtomA
GlobalGetAtomNameW
AddAtomW
PulseEvent
lstrcpynA
GetLocalTime
LocalHandle
GetAtomNameA
CreateConsoleScreenBuffer
GetSystemInfo
HeapSize
UpdateResourceA
CreatePipe
ReadConsoleW
MoveFileExW
FileTimeToLocalFileTime
LocalLock
VerifyVersionInfoA
OpenFileMappingA
GetProcessAffinityMask
DuplicateHandle
CreateWaitableTimerW
HeapCreate
FileTimeToSystemTime
IsBadHugeReadPtr
GetStringTypeA
ReadConsoleInputW
MapViewOfFileEx
IsValidLocale
GetLocaleInfoA
GetWindowsDirectoryA
GetThreadPriority
CreateProcessW
EnumResourceLanguagesW
WriteConsoleW
RegisterWaitForSingleObject
GlobalDeleteAtom
RegisterWaitForSingleObjectEx
FillConsoleOutputAttribute
AddAtomA
SetEndOfFile
FindResourceExW
FlushConsoleInputBuffer
GetLogicalDriveStringsW
SetCurrentDirectoryA
TryEnterCriticalSection
GetDefaultCommConfigW
lstrcmpA
SetTimeZoneInformation
CallNamedPipeA
OpenMutexW
SetFileApisToOEM
VerifyVersionInfoW
lstrlenA
LockFileEx
UnlockFile
CreateSemaphoreA
IsBadReadPtr
GetFullPathNameA
DeviceIoControl
DosDateTimeToFileTime
FindNextVolumeW
GetModuleHandleExW
WaitNamedPipeA
GetSystemPowerStatus
EnumResourceNamesW
FillConsoleOutputCharacterW
ReadConsoleInputA
GlobalHandle
SetConsoleScreenBufferSize
QueueUserWorkItem
WaitForMultipleObjects
FindAtomW
SuspendThread
lstrcpynW
GetExitCodeThread
GetDriveTypeA
ReadConsoleA
GetLargestConsoleWindowSize
LocalReAlloc
GetHandleInformation
OpenThread
LocalSize
GetSystemDirectoryA
GetModuleFileNameW
SetLastError
GetLogicalDrives
HeapReAlloc
EscapeCommFunction
SetFilePointerEx
MoveFileExA
GetNumberFormatW
GlobalGetAtomNameA
GetSystemWow64DirectoryW
GetLocaleInfoW
PostQueuedCompletionStatus
SetFileAttributesA
SetEnvironmentVariableA
GetSystemWindowsDirectoryA
LCMapStringA
CreateFileMappingW
FindResourceA
GetEnvironmentStrings
GetCPInfo
GetSystemTimeAdjustment
EnumResourceLanguagesA
FindVolumeMountPointClose
FreeEnvironmentStringsW
WaitForMultipleObjectsEx
VirtualAlloc
OpenProcess
SetConsoleTextAttribute
DeleteFileW
SetConsoleTitleA
WriteProfileStringW
CreateThread
UnmapViewOfFile
InterlockedDecrement
GetSystemTimeAsFileTime
ReadFile
GetModuleHandleA
GetComputerNameA
VirtualProtect
MoveFileA
InterlockedIncrement
GetTickCount
CreateFileMappingA
GetCurrentProcessId
HeapAlloc
GetModuleFileNameA
CloseHandle
VirtualQuery
GetProcAddress
WaitForSingleObject
LeaveCriticalSection
LocalFree
Sleep
ExpandEnvironmentStringsA
LoadLibraryA
GetProcessHeap
MapViewOfFile
GetTempPathA
CreateProcessA

advapi32

RegQueryValueExA
RegCloseKey
LookupAccountNameA
ConvertSidToStringSidA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
ConvertStringSecurityDescriptorToSecurityDescriptorA
NotifyBootConfigStatus
RegNotifyChangeKeyValue
MakeSelfRelativeSD
StartServiceCtrlDispatcherA
CreateServiceW
RegOpenKeyExW
RegSetValueA
RegConnectRegistryA
StartServiceA
CreateServiceA
RegFlushKey
ChangeServiceConfigA
NotifyChangeEventLog
RegisterServiceCtrlHandlerW
RegLoadKeyW
GetServiceDisplayNameW
RegSetValueW
DuplicateToken
RegOpenKeyW
GetSecurityDescriptorSacl

gdi32

UnrealizeObject
SetMetaFileBitsEx
GetRegionData
CreatePolygonRgn
GetObjectW
GetStretchBltMode
SetArcDirection
GetTextMetricsA
GetEnhMetaFileHeader
CreateFontA
PlayEnhMetaFileRecord
SetBkColor
GetLayout
PolyDraw
CreateDIBitmap
PaintRgn
SetMapMode
CreatePalette
GetWinMetaFileBits
CreateFontIndirectW
EnumFontFamiliesA
EnumFontFamiliesExA
StrokePath
GetSystemPaletteEntries
GetTextMetricsW
GetTextAlign
SelectObject
CreateRectRgnIndirect
ArcTo
OffsetRgn
PlayMetaFile
GetOutlineTextMetricsA
ResetDCA
SetTextColor
CreateBitmapIndirect
CreateCompatibleBitmap
SetGraphicsMode
GetMapMode
GetTextFaceA
GetPolyFillMode
SetStretchBltMode
SetICMMode
EnumMetaFile
CreateDCW
RealizePalette
LPtoDP
SetMetaRgn
AbortPath
DeleteDC
SetViewportOrgEx
SetDCBrushColor
DeleteObject
GetFontData
OffsetWindowOrgEx
ScaleViewportExtEx
Escape
GetTextExtentExPointA
GetCharWidthA
Polyline
GetTextCharsetInfo
EndDoc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dda517e91a7cdcac3ac546e44dd2858

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB