46ff49ef3c3b8d66b2a84a50e44d35bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46ff49ef3c3b8d66b2a84a50e44d35bc_JaffaCakes118
Size

628KB
MD5

46ff49ef3c3b8d66b2a84a50e44d35bc
SHA1

7002e9eb5fd5e13e2705feea8439142989627ba7
SHA256

a5afe92de32a19de5462d9c2d53a0687a25e81c4173a2875590785b297355b38
SHA512

11aeb90df12e61bf02b15bbdf4cb1cfd25b6e9e99d1675a455012185efc5ec754a9e416b3147d6d2d6d74f461412045dc6bccf25e624d37055ab1070da9abe1b
SSDEEP

12288:enSZmpIpMcvYncZn8h/ZThiN4RG2WwmiC+KIvoJjusDM474R9gDQTxFxKOLo:YSZmpIpMcvK0Uh5E2lmi/gMTxFAO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46ff49ef3c3b8d66b2a84a50e44d35bc_JaffaCakes118

Files

46ff49ef3c3b8d66b2a84a50e44d35bc_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

7666900d31274d9ee8808f2562c54c90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryA
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
CompareStringW
CompareStringA
GetDriveTypeA
GetProcessHeap
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileW
SetStdHandle
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
LeaveCriticalSection
GetUserDefaultLCID
GetStringTypeA
GetLocaleInfoA
GetCurrentDirectoryA
GetFullPathNameW
IsValidCodePage
GetOEMCP
InterlockedCompareExchange
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
ExitThread
CreateThread
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
HeapSize
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteFile
GetTimeZoneInformation
CloseHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetACP
SetEnvironmentVariableA

user32

CharUpperW
SetWindowPos
GetWindowRect
SystemParametersInfoW
SetWindowTextW
wsprintfW
GetWindowTextW
CallWindowProcW
SendMessageW
SetWindowLongW
MoveWindow
GetWindowLongW
CharLowerW

oleaut32

SysStringLen
VariantChangeType
VariantCopy
SysFreeString
VarBstrCmp
VariantInit
VariantClear
SysAllocString
SysAllocStringLen

shlwapi

PathMatchSpecW
PathIsDirectoryW
PathFileExistsW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7666900d31274d9ee8808f2562c54c90

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 481KB - Virtual size: 481KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 7KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 63KB - Virtual size: 62KB

.text
Size: 481KB - Virtual size: 481KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 7KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 63KB - Virtual size: 62KB