42fa6e93780adca8c18ebb5872f33017_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42fa6e93780adca8c18ebb5872f33017_JaffaCakes118
Size

264KB
MD5

42fa6e93780adca8c18ebb5872f33017
SHA1

7bed73c7fb674578028b42ee2a856c6a923e9b58
SHA256

09e7d4ea2c746207aef0d7a20050c7e70fa441f666655ee87057dc6cb3a31c96
SHA512

9945060c355e7de634d173ee2ea9cf60aca5f34055fa95d95d272f64eceaf4b206de213f070d768e7222cd2e9efb4efe96ba188c170972b5533722350a193413
SSDEEP

6144:4UY5XQ4QrtX4jEuoUXS5W+Dv+ZI2zcrKQJqv02:RY5AhJ4jDpXUW+DL2zcrx2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42fa6e93780adca8c18ebb5872f33017_JaffaCakes118

Files

42fa6e93780adca8c18ebb5872f33017_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

16313d69fae3f80c40c24f239b7070a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapSize
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
RaiseException
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetCommandLineA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
MulDiv
SetLastError
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GlobalFree
LockResource
CloseHandle
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
FormatMessageA
LocalFree
SetErrorMode
GetWindowsDirectoryA
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetShortPathNameA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
LCMapStringW
lstrlenA
InterlockedExchange

user32

CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
KillTimer
GetDesktopWindow
UpdateWindow
SetTimer
MessageBoxA
EnableWindow
BeginPaint
GetClientRect
EndPaint
InvalidateRect
GetDC
PostThreadMessageA
RegisterClipboardFormatA
AdjustWindowRectEx
CharUpperA
MessageBeep
ReleaseDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
IsWindow
GetParent
SetFocus
GetFocus
IsChild
DestroyWindow
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
CharNextA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
ShowWindow
UnionRect
PtInRect
CallNextHookEx
GetKeyState
DefWindowProcA
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
DestroyMenu
GetSysColorBrush
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
ClientToScreen
GetClassNameA
LoadStringA
UnregisterClassA
MapDialogRect
SetWindowContextHelpId
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
GetSysColor

gdi32

SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtTextOutA
Escape
DPtoLP
GetMapMode
GetStockObject
GetBkColor
GetTextColor
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateDCA
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
GetDeviceCaps
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
Rectangle
TextOutA
SetTextAlign

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

CryptDestroyKey
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyHash
CryptDecrypt
RegCloseKey
CryptReleaseContext
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA

comctl32

ord17

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CreateOleAdviseHolder
OleSaveToStream
WriteClassStm
OleLoadFromStream
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleInitialize

olepro32

ord250
ord253

oleaut32

SysFreeString
VariantClear
VarUI4FromStr
SysAllocString
LoadTypeLi
RegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
SysStringLen
VariantInit
VariantCopy
SysAllocStringLen
VariantTimeToSystemTime

urlmon

URLDownloadToFileA

wininet

HttpSendRequestA
InternetReadFile
HttpOpenRequestA
InternetConnectA
InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16313d69fae3f80c40c24f239b7070a3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 24KB - Virtual size: 21KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 24KB - Virtual size: 21KB