3cdd25620696daf036d941abe501d6fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3cdd25620696daf036d941abe501d6fd_JaffaCakes118
Size

92KB
MD5

3cdd25620696daf036d941abe501d6fd
SHA1

9a72670cac94c7c4e5d68d77570af3410af1d314
SHA256

1b3d5c1ef954aa8f74df79455f20a0ceb421b923d86d399a7e28608b90d05c8c
SHA512

f4f83ac606a4fae36c2ed8e860e1f7e8388762db79e9a8db9bdddf72795d1f45cfd5b38596b45e529fa0dc9c7c342cbbc7fd8c83db4e57575576dc4e42f2905b
SSDEEP

1536:qId2JHeXq6lM56gM853Lx7PmNZd/SQzzPqIa361QuJFfn7Da7g74eAMaUwq:MpQfM5j3Lx7uNZd/SQz7Da3613JFDu0a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cdd25620696daf036d941abe501d6fd_JaffaCakes118

Files

3cdd25620696daf036d941abe501d6fd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

eedc7c5df2d35f3a519b23ebf7829690

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetUserDefaultUILanguage
GetProfileStringA
GetVolumePathNamesForVolumeNameW
EnumResourceNamesW
ReleaseActCtx
CopyFileW
ReplaceFileW
GetEnvironmentStrings
SystemTimeToFileTime
SetEnvironmentVariableA
FatalAppExitA
GetTimeFormatW
LCMapStringA
GetFileAttributesExW
TryEnterCriticalSection
GetCurrentThreadId
MultiByteToWideChar
GlobalDeleteAtom
GetLogicalDriveStringsA
ConnectNamedPipe
FindNextVolumeW
CompareFileTime
DeleteVolumeMountPointW
lstrlenW
FindNextVolumeMountPointW
VirtualQueryEx
GetThreadTimes
GetVolumeInformationA
SystemTimeToTzSpecificLocalTime
GetCommandLineW
GlobalMemoryStatusEx
GetCurrentProcessId
VerifyVersionInfoW
GetTempPathA
GetCurrencyFormatA
FindNextChangeNotification
CreateConsoleScreenBuffer
SetConsoleActiveScreenBuffer
FindResourceA
CreateTimerQueue
ResumeThread
lstrcpyA
GetVersionExA
lstrcmpiW
ReadConsoleW
lstrcpynA
DeviceIoControl
UnregisterWaitEx
GetCommandLineA
SetConsoleWindowInfo
GetExitCodeProcess
FindActCtxSectionStringW
SetCommTimeouts
FileTimeToDosDateTime
FindVolumeMountPointClose
InterlockedCompareExchange
GetSystemTimeAdjustment
WaitForMultipleObjects
PostQueuedCompletionStatus
CreateDirectoryW
CompareStringW
CreateJobObjectW
GetLocaleInfoW
RegisterWaitForSingleObjectEx
UnregisterWait
DeleteTimerQueueEx
GetModuleFileNameW
FindAtomA
RemoveDirectoryA
GetTempFileNameW
WaitCommEvent
GetCommConfig
GetFileTime
DnsHostnameToComputerNameW
lstrlenA
CreateMutexW
WriteConsoleA
GetCommTimeouts
ReadProcessMemory
FindNextFileW
GetProcessAffinityMask
FreeLibraryAndExitThread
GetSystemWindowsDirectoryA
FindResourceExA
SwitchToThread
GetProfileIntA
SetVolumeMountPointW
SetStdHandle
GetStringTypeA
SetConsoleMode
GetFileAttributesExA
FillConsoleOutputCharacterW
CallNamedPipeA
SetFileAttributesA
EnumResourceNamesA
PurgeComm
WriteProfileStringW
HeapSize
IsValidLocale
GetFileInformationByHandle
GetSystemDirectoryA
ClearCommError
GetTimeFormatA
FindFirstChangeNotificationA
CreateSemaphoreA
FindFirstFileA
GetComputerNameW
GetFullPathNameA
FillConsoleOutputAttribute
GetSystemInfo
DeleteTimerQueueTimer
SetConsoleCtrlHandler
PulseEvent
UpdateResourceA
AddAtomA
GetModuleHandleW
CreateFileA
GetComputerNameA
EnterCriticalSection
Sleep
InterlockedExchange
GetProcessHeap
InterlockedIncrement
GetTickCount
VirtualQuery
GetModuleFileNameA
MapViewOfFile
MoveFileA
CreateMutexA
CreateThread
DeleteFileA
HeapFree
GetProcAddress
WaitForSingleObject
ReleaseMutex
GetLastError
InterlockedDecrement
ExpandEnvironmentStringsA
CreateProcessA
GlobalAlloc
CopyFileA
LoadLibraryA
CloseHandle
LocalFree
HeapAlloc
VirtualProtect
InitializeCriticalSection
RaiseException

ole32

CoQueryProxyBlanket
OleCreateStaticFromData
CoTaskMemRealloc
FreePropVariantArray
CoFreeUnusedLibrariesEx
GetRunningObjectTable
GetHGlobalFromILockBytes
OleSave
CoWaitForMultipleHandles
OleDuplicateData
OleDestroyMenuDescriptor
CoFileTimeNow
CoRevertToSelf
CreateGenericComposite
OleCreateFromFile
OleGetAutoConvert
OleCreateLinkFromData
CoDisableCallCancellation
PropVariantClear
OleRun
OleTranslateAccelerator
OleInitialize
StgOpenStorageEx
CoGetClassObject
SetConvertStg
StringFromGUID2
CoGetObjectContext
CoGetInterfaceAndReleaseStream
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemAlloc

advapi32

LockServiceDatabase
RegQueryValueExA
LookupAccountNameA
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
ConvertSidToStringSidA
RegEnumKeyExA
RegCreateKeyExA
OpenServiceW
ImpersonateSelf
ControlService
ReportEventW
CreateProcessWithLogonW
GetUserNameW
CreateProcessAsUserW
IsTextUnicode
EnumServicesStatusW
GetUserNameA
RegisterServiceCtrlHandlerExA
RegOpenKeyW
QueryServiceConfig2W
ChangeServiceConfig2W
QueryServiceLockStatusA
RegDisablePredefinedCache
RegSetValueExW
CheckTokenMembership
CloseEventLog
CredIsMarshaledCredentialW
RegisterServiceCtrlHandlerA
ChangeServiceConfigW
RegUnLoadKeyA
StartServiceW
BuildExplicitAccessWithNameW
RegRestoreKeyW
SaferGetLevelInformation
RegConnectRegistryW
CredGetSessionTypes
RegEnumKeyW
RegQueryInfoKeyA
CredReadW
RegSetValueA
QueryServiceLockStatusW
RegisterServiceCtrlHandlerExW
NotifyBootConfigStatus

gdi32

CopyMetaFileW
ModifyWorldTransform
StrokePath
CreateFontIndirectA
CreatePen
GetCurrentPositionEx
SetTextJustification
RemoveFontResourceW
ExtEscape
GetTextCharset
SetLayout
SetROP2
AbortPath
SetBrushOrgEx
GetCharWidthA
GetTextExtentPointW
SetPixelV
SelectPalette
GetTextMetricsW
SetDCBrushColor
GetRegionData
GetCurrentObject
GetOutlineTextMetricsA
CreateDIBitmap
SetDIBColorTable
GetNearestColor
EnumEnhMetaFile
GetObjectW
DescribePixelFormat
TranslateCharsetInfo
SetWorldTransform
GetWorldTransform
GetCharacterPlacementA
SetTextCharacterExtra
DPtoLP
EnumFontFamiliesA
CreateDCA
ScaleWindowExtEx
GetDCOrgEx
RectVisible
SetAbortProc
GetMapMode
ResetDCA
OffsetRgn
GetPixelFormat
CreateRectRgn
CreateHalftonePalette
GetMetaFileA
SetPolyFillMode
PathToRegion
CreateScalableFontResourceA
SetPixel
CreateBrushIndirect
PlayMetaFileRecord
CreateFontIndirectW
TextOutA
CreateDCW
PolyPolygon
Polyline
ExtCreatePen
SetMiterLimit
CreateDiscardableBitmap
PolyDraw
GetGlyphOutlineA
SetTextColor
GetViewportExtEx
GetBitmapDimensionEx
SetMetaRgn
EnumFontFamiliesExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eedc7c5df2d35f3a519b23ebf7829690

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB