48fc84c72a179d5716bf690636b5cf1d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

48fc84c72a179d5716bf690636b5cf1d_JaffaCakes118
Size

208KB
MD5

48fc84c72a179d5716bf690636b5cf1d
SHA1

b8d4d99833eb393e896d961294adfffe17636e47
SHA256

34bbbba8e0e469bafd1a1851b885084dfbf2e4ea96558a370d2d60daa537ec34
SHA512

0a77ad7600ff8bb4406f1f3441b97917f0e7898bdd0179d586ec888b3285ac1a60dd66b423c25c5ed6754019e243e49378340fce5d0f4dcc394917209ca49603
SSDEEP

1536:eHJLDtgABkVkcvxOIe6+UP8CW5PfIMOIbpbw2mNWuYw+NaD7BaX3sH0Uqy9Wt0t3:epibycv8nIMOIbpbo7gE0Xy9E0Ypi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48fc84c72a179d5716bf690636b5cf1d_JaffaCakes118

Files

48fc84c72a179d5716bf690636b5cf1d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

5c24f9b3720fc0ae25a865a15ca714f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GlobalAddAtomA
GlobalDeleteAtom
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
MulDiv
IsDBCSLeadByte
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
LeaveCriticalSection
WideCharToMultiByte
GetLastError
FreeLibrary
GetVersion
GetProcAddress
LoadLibraryA

user32

GetWindowLongA
SendMessageA
WinHelpW
GetParent
CharNextA
GetWindowTextA
CharLowerA
DestroyIcon
GetFocus
CreateIcon
CreateCursor
DrawIcon
GetSystemMetrics
GetIconInfo
CopyIcon
CopyImage
SendMessageW
RegisterClipboardFormatA
GetDlgItem
GetKeyState
ReleaseDC
GetDC
GetDialogBaseUnits
GetClientRect
IsWindowUnicode
GetTopWindow
wsprintfA
wsprintfW
DestroyWindow
SetFocus
SetActiveWindow
GetActiveWindow
PostQuitMessage
PostMessageA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageW
GetMessageA
EnableWindow
IsWindow
SetWindowLongA
GetSysColor

gdi32

GetObjectA
SelectPalette
SetBitmapBits
SetDIBits
SetMetaFileBitsEx
CreateBitmap
PatBlt
GetTextExtentPointA
CreateFontIndirectW
GetPaletteEntries
DeleteObject
CreateFontIndirectA
GetDeviceCaps
SelectObject
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
EnumFontFamiliesExA
GetEnhMetaFileHeader
GetBitmapDimensionEx
StretchDIBits
GetDIBits
StretchBlt
RealizePalette
GetStockObject
GetObjectType
GetCurrentObject
GetWinMetaFileBits
CreateHalftonePalette
CreateDIBitmap
CreateDIBSection
Escape
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
DeleteEnhMetaFile
DeleteMetaFile
PlayMetaFileRecord
SetViewportOrgEx
SetViewportExtEx
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
BitBlt
DeleteDC
CreateCompatibleBitmap
GetBitmapBits
SetEnhMetaFileBits
SetStretchBltMode
SetBkColor
SetTextColor
SetMapMode
SetWindowOrgEx
SetWindowExtEx

ole32

CoGetMalloc
StgCreateDocfile
StringFromGUID2
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CoCreateInstance

advapi32

RegFlushKey
RegQueryValueW
RegCloseKey
RegSetValueA
RegCreateKeyA
RegOpenKeyW
RegOpenKeyA

msvcrt

wcsrchr
_adjust_fdiv
malloc
_initterm
free
calloc
_CxxThrowException
_wcslwr
wcscmp
_local_unwind2
_except_handler3
wcscat
??1type_info@@UAE@XZ
wcsncpy
_wcsicmp
_ftol
wcscpy
_CIfmod
wcslen
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z

oleaut32

LoadTypeLi
VariantClear
VariantChangeType
VariantInit
SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c24f9b3720fc0ae25a865a15ca714f2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

advapi32

msvcrt

oleaut32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 69KB

.data Size: 108KB - Virtual size: 105KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 69KB

.data
Size: 108KB - Virtual size: 105KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 4KB