3ebdc3651c0f32f3e095ad45a74d6414_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ebdc3651c0f32f3e095ad45a74d6414_JaffaCakes118
Size

92KB
MD5

3ebdc3651c0f32f3e095ad45a74d6414
SHA1

bbb25e739d0fc74dc9d7507d02014cac2c62d141
SHA256

5bfa984baeee5ffee56e568d141ab70f4895c042cdebd227bd9f1c7bc59fb7f8
SHA512

cf14b1c3d119f3984c9f54f6769d1c962cd2b12da65e44f142af6c1b24e58636d7dbd981e0bf208357535f9a37e5329ac3b7d3504cc638c55f8f0b26915d1086
SSDEEP

1536:JmkRqEvtrTCYc9HZQGptKJ4Y6BGMKOYe7ZBuyKgF:4wlvtBc9HiGptKJwpA8dKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ebdc3651c0f32f3e095ad45a74d6414_JaffaCakes118

Files

3ebdc3651c0f32f3e095ad45a74d6414_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3a1bfe716c89894b37aa05a30cbc5da0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

__dllonexit
_adjust_fdiv
_initterm
__CxxFrameHandler
??2@YAPAXI@Z
_purecall
malloc
_snprintf
strlen
memset
strncat
strncpy
memcpy
sprintf
memcmp
??3@YAXPAX@Z
calloc
free
_onexit

winmm

timeSetEvent
timeGetTime

kernel32

GetCurrentThread
SetThreadPriority
GetACP
GetTickCount
CreateThread
InterlockedExchange
SetErrorMode
GetModuleFileNameA
GetLastError
GetModuleHandleA
lstrcmpiA
GetThreadPriority
DeleteCriticalSection
LoadLibraryA
GetProcAddress
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
CloseHandle
CreateEventA
ResetEvent
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
SetEvent
WaitForMultipleObjects
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
GetVersionExA
DisableThreadLibraryCalls
lstrlenA
MultiByteToWideChar
WideCharToMultiByte

advapi32

RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA

user32

GetDlgItem
MessageBoxA
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcA
EnableWindow
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
PeekMessageA
MsgWaitForMultipleObjects
SetWindowTextA
PostThreadMessageA
RegisterWindowMessageA
GetQueueStatus
DispatchMessageA
wsprintfA
wvsprintfA

comctl32

ord17

ole32

StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries

oleaut32

SysAllocString
SysFreeString

comdlg32

GetOpenFileNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a1bfe716c89894b37aa05a30cbc5da0

Headers

File Characteristics

Imports

msvcrt

winmm

kernel32

advapi32

user32

comctl32

ole32

oleaut32

comdlg32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 520B

.data1 Size: 4KB - Virtual size: 352B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 520B

.data1
Size: 4KB - Virtual size: 352B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB