46cfb3d544942f5f81013e615de70212_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46cfb3d544942f5f81013e615de70212_JaffaCakes118
Size

268KB
MD5

46cfb3d544942f5f81013e615de70212
SHA1

3e89e96885570df09076071bd0fa50ffc2a882d5
SHA256

74ca325bad8e92a855097e46c8facc0b315da9e77a324fc531b68a0785895877
SHA512

48ba2ab5df8b5586d1bf73bdb906c27091a406613819a4c00293984f0aca82102345846af83209b506f684652ba6041225f83aa8c76b284c0c9d6c6aaeeedd41
SSDEEP

3072:NuY1q5Fh2T80237Qf5y+zpeukPsIhrZcDugR/C:sGq5Fh2THfBy+tLkPLhrK6gg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46cfb3d544942f5f81013e615de70212_JaffaCakes118

Files

46cfb3d544942f5f81013e615de70212_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

5455efe25adbc91c60fbba4374f91efb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
CompareStringW
GetVersionExA
IsDBCSLeadByte
LoadResource
CompareStringA
FindResourceA
HeapReAlloc
LockResource
lstrcmpiA
lstrcpyA
GetLocaleInfoA
GetWindowsDirectoryA
lstrcpynA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetFileAttributesA
GetVersion
GetLastError
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
IsBadWritePtr
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
LoadLibraryA
EnterCriticalSection
HeapAlloc
GetProcessHeap
lstrlenA
GetProcAddress

user32

GetCapture
GetDesktopWindow
SetCursor
GetDCEx
WaitMessage
SetParent
DefWindowProcA
UnregisterClassA
BeginPaint
GetWindow
EndPaint
GetParent
EqualRect
SetWindowRgn
ShowWindow
PtInRect
GetActiveWindow
IsDialogMessageA
GetNextDlgTabItem
IsWindowEnabled
CreateDialogIndirectParamA
ReleaseCapture
EndDialog
PostMessageW
RegisterWindowMessageA
KillTimer
SetTimer
wsprintfA
PeekMessageA
GetMessageA
PostQuitMessage
InvalidateRect
CheckDlgButton
TranslateMessage
IsWindowVisible
GetFocus
IsChild
GetDlgItemInt
SetDlgItemInt
GetWindowTextLengthA
SendDlgItemMessageA
EnableWindow
GetDlgItemTextA
IsDlgButtonChecked
SetDlgItemTextA
SetCapture
CharNextA
LoadMenuA
GetSubMenu
DestroyMenu
GetDlgItem
TrackPopupMenu
GetScrollInfo
ScrollWindowEx
ShowScrollBar
DrawFrameControl
SetScrollInfo
EnableScrollBar
IntersectRect
DrawTextA
DrawTextW
WindowFromDC
DrawTextExW
SetRect
FillRect
InflateRect
OffsetRect
GetDC
DrawTextExA
UpdateWindow
GetWindowRect
GetClientRect
ReleaseDC
PostMessageA
DialogBoxParamA
PeekMessageW
WinHelpA
GetAsyncKeyState
DispatchMessageA
GetKeyState
CreateWindowExW
SetWindowLongW
RedrawWindow
SendMessageW
ClientToScreen
ScreenToClient
CallWindowProcW
CallWindowProcA
MoveWindow
CreateWindowExA
SetWindowLongA
SetWindowPos
LoadBitmapA
RegisterClipboardFormatA
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
MessageBoxA
SetFocus
MessageBeep
GetKeyboardLayout
GetWindowLongA
SendMessageA
GetSysColor
LoadCursorA
RegisterClassA
DestroyWindow
GetSystemMetrics
LoadStringA
EnumClipboardFormats
EnableMenuItem
GetMessagePos

ole32

OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoCreateInstance
OleLoadFromStream
CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SafeArrayGetDim
SafeArrayGetUBound
SysStringByteLen
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetLBound
SetErrorInfo
OleCreatePropertyFrame
CreateErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
VariantCopyInd
VariantChangeTypeEx
RegisterTypeLi
OleTranslateColor
OleCreateFontIndirect
OleCreatePictureIndirect
LoadRegTypeLi
VariantChangeType
SysAllocStringByteLen
VarBstrFromR4
GetErrorInfo
VarR4FromStr
VariantClear
SysAllocStringLen
VariantCopy
SysStringLen
SysFreeString
VariantInit
SafeArrayCreateVector
SysAllocString

gdi32

CreatePen
ExtTextOutW
SetROP2
ExtTextOutA
CreateDCA
GetTextExtentPoint32W
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
LPtoDP
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A
SetTextColor
DeleteDC
SetBkColor
CloseEnhMetaFile
GetDeviceCaps
CreateEnhMetaFileA
BitBlt
DeleteEnhMetaFile
GetObjectA
SetMapMode
DPtoLP
SelectClipRgn
GetWindowOrgEx
CreateRectRgnIndirect
Rectangle
IntersectClipRect
SetWindowOrgEx
PatBlt
SetTextAlign
GetDIBits
StretchDIBits
GetClipBox
CreateBitmap
GetSystemPaletteEntries
SelectObject
GetStockObject
CreateCompatibleDC
GetMapMode

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5455efe25adbc91c60fbba4374f91efb

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 68KB - Virtual size: 66KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 168KB - Virtual size: 167KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 68KB - Virtual size: 66KB

.reloc
Size: 12KB - Virtual size: 9KB