4394c8293b37106a18eb0f145daf4fdd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4394c8293b37106a18eb0f145daf4fdd_JaffaCakes118
Size

2.8MB
MD5

4394c8293b37106a18eb0f145daf4fdd
SHA1

f616390245991524e0097a4cccb41f5308cc5948
SHA256

1c33040724fcb8a264a557b2d976c1d7ba0dbc4e56fd920b740a414aaa62c2a6
SHA512

c0c06ec99efb883124215ab8ad851e5f84b3e4bc23582d1581bca429a0eee86d5d7c2173e4e9d8f2838a64f284dfe70697f920d5d45f9ccf7ae2927cecc955e0
SSDEEP

49152:M3ivdVIoHourYbNtKAzs8kg7sfVUI1r7D4Ldbd0feX3A4uVNxBPJXxhssb:M3ivNouQhzsmcVl7DUZjn8VNnJXrj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4394c8293b37106a18eb0f145daf4fdd_JaffaCakes118

Files

4394c8293b37106a18eb0f145daf4fdd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

91ff67905a233144815d2526d148e701

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
CompareStringW
CreateActCtxW
GetSystemDirectoryW
FileTimeToDosDateTime
SetFileApisToOEM
EnumResourceLanguagesA
CompareFileTime
VirtualFree
CreateMutexA
FindNextFileA
ReadProcessMemory
SetFileTime
GetDefaultCommConfigW
FindFirstChangeNotificationW
GetFileAttributesExW
VirtualAllocEx
FindFirstVolumeW
OpenEventW
MoveFileExA
FindNextVolumeW
GetProfileStringW
SearchPathA
GlobalDeleteAtom
HeapLock
SizeofResource
EnumResourceLanguagesW
GetFileAttributesA
VerSetConditionMask
FindFirstFileA
GetStringTypeA
QueueUserWorkItem
GetShortPathNameA
FindVolumeMountPointClose
SetTimeZoneInformation
GetSystemDirectoryA
HeapValidate
LoadLibraryA
DnsHostnameToComputerNameW
lstrlenW
FindResourceExA
MapViewOfFile
RegisterWaitForSingleObjectEx
GetFileInformationByHandle
GetModuleHandleExW
SleepEx
GetDiskFreeSpaceExW
OpenFile
GetComputerNameW
GetProcessVersion
FindActCtxSectionStringW
GetProcAddress
GetFileAttributesW

ole32

OleDoAutoConvert
CoGetInterfaceAndReleaseStream
FreePropVariantArray
CoWaitForMultipleHandles
OleDestroyMenuDescriptor
OleCreateStaticFromData
CoSetProxyBlanket
StgOpenStorageOnILockBytes
OleCreateLink

user32

TranslateMessage
GetClassInfoW
SetWindowPlacement
AdjustWindowRect
GetMessageExtraInfo
GetWindowTextA
DrawTextExW
SetClassLongA
SendMessageTimeoutW
SendMessageW
SetCapture
RegisterHotKey
GetScrollPos
DestroyAcceleratorTable
ShowWindow
GetWindowDC
CloseWindowStation
OemToCharBuffA
ChildWindowFromPointEx
DestroyIcon
GetClassNameW
FlashWindow
GetNextDlgTabItem
GetMenuState
MessageBoxExA
ExitWindowsEx
LoadIconA
ScrollWindow
CreateCaret
EndDeferWindowPos

oleaut32

SysReAllocStringLen

shlwapi

PathRemoveFileSpecW
PathIsURLW
PathIsRelativeW
PathFindFileNameA
PathRemoveBackslashW
StrNCatW
SHDeleteKeyA
StrToIntExW
PathCombineW
StrFormatByteSizeW
PathRemoveFileSpecA
SHGetValueA
StrCatBuffW
UrlIsW
SHDeleteKeyW

advapi32

RegDeleteKeyA
ReadEventLogW
RegisterServiceCtrlHandlerExA
CreateServiceA
DuplicateTokenEx
EnumDependentServicesW
OpenServiceA
RegOpenCurrentUser
CredGetSessionTypes
GetEffectiveRightsFromAclW
SaferCloseLevel
GetTokenInformation
EnumServicesStatusW

shell32

SHFormatDrive
SHGetMalloc
SHGetSpecialFolderPathA

gdi32

InvertRgn
StrokeAndFillPath
SetMetaRgn
SetViewportExtEx
GetWindowOrgEx
GetWinMetaFileBits
SetPixel
CreateICA
GetPolyFillMode
SelectPalette
SetRectRgn
TranslateCharsetInfo
SetPaletteEntries
CombineRgn
SetTextAlign
GetTextCharsetInfo
RectVisible
OffsetViewportOrgEx
EnumFontFamiliesW
CreateDCW
CreateFontA
GetStretchBltMode
SwapBuffers
Polygon
TextOutA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1016KB - Virtual size: 1013KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91ff67905a233144815d2526d148e701

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 1016KB - Virtual size: 1013KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 72KB - Virtual size: 69KB

.text
Size: 1016KB - Virtual size: 1013KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 72KB - Virtual size: 69KB