42aaa21b926d3ba2f390e0fd8ebf7e68_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42aaa21b926d3ba2f390e0fd8ebf7e68_JaffaCakes118
Size

78KB
MD5

42aaa21b926d3ba2f390e0fd8ebf7e68
SHA1

50f8d46a3efd823d5be92dfaab8510d59cd6dbd8
SHA256

92213e555bce4a710510d22c73fa9e9d84fa4ee4f0754d58d336494c75fc9a65
SHA512

54edbdc46a03d843ebed7f06cb6b2b87a0df0f5b7554bd67236354db33ee2d57870ea2b044b5335e24722f66bbe28aa9f3f4303b5a5cafa03f3d3f7deb532d4a
SSDEEP

768:j/2UIhredDri+1kraPIQec6pTyUk1t7mB30SNxyck5okl+Cw:34redS+SragAcTyQxNxycs+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42aaa21b926d3ba2f390e0fd8ebf7e68_JaffaCakes118

Files

42aaa21b926d3ba2f390e0fd8ebf7e68_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f9a1b62be35488bc013c050f6fe9bd7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
WaitForSingleObject
CloseHandle
Sleep
GetVersionExA
DisableThreadLibraryCalls
GetShortPathNameA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
lstrlenA

user32

LoadStringA
CopyRect
DrawTextA
SetWindowPos
SetRect
FillRect
GetSysColor
PeekMessageA
TranslateMessage
DispatchMessageA
SetForegroundWindow
DrawIcon
KillTimer
LoadIconA
InflateRect
GetClientRect
SystemParametersInfoA
IsWindow
CreateWindowExA
wsprintfA
UnregisterClassA
RegisterClassA
PostMessageA
DialogBoxParamA
GetDesktopWindow
ShowWindow
DrawEdge
RegisterClassExA
UpdateWindow
EndDialog
BeginPaint
EndPaint
GetDlgItem
IsDlgButtonChecked
SetTimer
GetWindowLongA
SetWindowLongA
DestroyWindow
PtInRect
SetCapture
LoadCursorA
SetCursor
ReleaseCapture
DefWindowProcA
GetWindowRect
ScreenToClient
GetDC
GetWindowTextA
GetTabbedTextExtentA
ReleaseDC
LoadBitmapA
GetMessageA
SendMessageA

gdi32

CreatePen
SetBkMode
SetTextColor
CreateFontIndirectA
SelectObject
Rectangle
GetStockObject
CreateFontA
StretchBlt
GetObjectA
MoveToEx
LineTo
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC
DeleteObject

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

Shell_NotifyIconA

ole32

CoCreateInstance
CoUninitialize
StringFromIID
CoGetMalloc
CoInitialize

oleaut32

SysAllocString
SysFreeString
LoadTypeLi
RegisterTypeLi

shlwapi

SHDeleteKeyA

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
malloc
free
_beginthreadex
strstr
_mbsstr
strcpy
sscanf
_ftol
abs
_except_handler3
_mbsicmp
??2@YAPAXI@Z
strlen
strncpy
memset
??3@YAXPAX@Z
memcmp
_snprintf

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YahooNT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a1b62be35488bc013c050f6fe9bd7d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

Exports

Exports

Sections

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 15KB - Virtual size: 19KB

.YahooNT Size: 512B - Virtual size: 4B

.rsrc Size: 55KB - Virtual size: 55KB

.reloc Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 15KB - Virtual size: 19KB

.YahooNT
Size: 512B - Virtual size: 4B

.rsrc
Size: 55KB - Virtual size: 55KB

.reloc
Size: 2KB - Virtual size: 2KB