41110735b6e36276186d56b9d36bbd2a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41110735b6e36276186d56b9d36bbd2a_JaffaCakes118
Size

552KB
MD5

41110735b6e36276186d56b9d36bbd2a
SHA1

5f7e04ea01160d8e7da421e8d9610196e0825244
SHA256

92d3d7faba6eff0118a831897d741326cc8928dfd98d4ce7c91497a6c36bf45e
SHA512

3ff02c7b185bc9247bbd6bd863d06473ffbf984c48f2404bc1da7e743a9b88b41834e9e1867a911997b95126e7949529b32c57d6c530a67d43924ba19396d90c
SSDEEP

12288:ER3W1/iPFOv7MW3pXUy4Ly8/9X5pwSkvDC6Z+SJMX:23WxtMW3Gy4Ly8t5ic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41110735b6e36276186d56b9d36bbd2a_JaffaCakes118

Files

41110735b6e36276186d56b9d36bbd2a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

8b5230e323989fef3f27945622eb97a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup
gethostbyname
socket
ioctlsocket
htons
connect
WSAGetLastError
send
WSACleanup

wininet

InternetGetCookieA
InternetSetCookieA
InternetQueryOptionA
InternetCrackUrlA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GlobalAlloc
CloseHandle
CreateProcessA
LockResource
Sleep
GetWindowsDirectoryA
DeleteFileA
MoveFileA
GetSystemDirectoryA
GlobalHandle
lstrcmpA
OutputDebugStringA
CreateFileA
LocalFree
LocalAlloc
GetFileSize
FreeResource
EnumResourceNamesA
GetStringTypeA
FlushFileBuffers
ReadFile
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetOEMCP
GetCPInfo
HeapSize
TlsFree
GlobalLock
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
EnterCriticalSection
GlobalUnlock
GlobalReAlloc
GlobalFree
LoadLibraryA
GetProcAddress
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
LeaveCriticalSection
FreeLibrary
SetLastError
IsDBCSLeadByte
GetCurrentThreadId
GetModuleFileNameA
InterlockedDecrement
DisableThreadLibraryCalls
MulDiv
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
TlsSetValue

user32

FillRect
GetClientRect
BeginPaint
UnregisterClassA
PtInRect
UnionRect
DefWindowProcA
SetWindowLongA
GetWindowLongA
ShowWindow
GetClassInfoExA
LoadCursorA
ReleaseDC
GetDC
CallWindowProcA
SetFocus
IsChild
GetFocus
GetParent
DestroyWindow
CharNextA
SetWindowPos
SetWindowRgn
CreateAcceleratorTableA
LoadBitmapA
SystemParametersInfoA
MapWindowPoints
SetWindowContextHelpId
IsDlgButtonChecked
CheckDlgButton
GetUpdateRect
MapDialogRect
EndDialog
GetDesktopWindow
GetWindow
DestroyAcceleratorTable
ReleaseCapture
GetDlgItem
SetCapture
RedrawWindow
InvalidateRgn
ScreenToClient
GetSysColor
OffsetRect
EqualRect
IntersectRect
DialogBoxIndirectParamA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
GetAsyncKeyState
CreatePopupMenu
InsertMenuA
DrawMenuBar
WindowFromPoint
TrackPopupMenu
DestroyMenu
LoadStringA
wsprintfA
ClientToScreen
PostQuitMessage
IsWindow
CloseWindow
OpenIcon
SetWindowTextA
SetRect
PostMessageA
GetClassNameA
SendMessageA
MessageBoxA
GetWindowRect
MoveWindow
CreateWindowExA
RegisterClassExA
GetKeyState
InvalidateRect
EndPaint

gdi32

GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
CreateFontIndirectA
SetWindowExtEx
SetViewportExtEx
GetStockObject
CreateSolidBrush
SelectPalette
RealizePalette
CreateBrushIndirect
CreatePen
LineTo
MoveToEx
CreateRectRgn
CreateDIBSection
ExtCreateRegion
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
DeleteObject
LPtoDP
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateDCA
GetDeviceCaps
CreateRectRgnIndirect
SetTextAlign
TextOutA
SaveDC

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

StringFromGUID2
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
OleSaveToStream
WriteClassStm
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
OleLoadFromStream
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
OleCreatePropertyFrame
VarUI4FromStr
LoadRegTypeLi
VariantCopy
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayAccessData
SysAllocStringLen
OleCreateFontIndirect
VarI4FromStr
SysStringLen

urlmon

URLDownloadToFileA
URLDownloadToCacheFileA

Exports

Exports

AssignAssociateID
ChecksumResources
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetDLLVersion
Install
Uninstall
validate

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b5230e323989fef3f27945622eb97a0

Headers

File Characteristics

Imports

ws2_32

wininet

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

urlmon

Exports

Exports

Sections

.text Size: 296KB - Virtual size: 294KB

.rdata Size: 88KB - Virtual size: 84KB

.data Size: 28KB - Virtual size: 68KB

.rsrc Size: 108KB - Virtual size: 106KB

.reloc Size: 28KB - Virtual size: 25KB

.text
Size: 296KB - Virtual size: 294KB

.rdata
Size: 88KB - Virtual size: 84KB

.data
Size: 28KB - Virtual size: 68KB

.rsrc
Size: 108KB - Virtual size: 106KB

.reloc
Size: 28KB - Virtual size: 25KB