4a5511973f18e4275dfbace9495c1360_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a5511973f18e4275dfbace9495c1360_JaffaCakes118
Size

212KB
MD5

4a5511973f18e4275dfbace9495c1360
SHA1

3232aef9d47e5dcd6b28031f7a5bca2b9a4e9059
SHA256

e5f0dced68dde2eb7267a4d80bc380a76e811a49c940599cc26c46eb3e8f8865
SHA512

942c8ee1a89fd00fc1079e68856c726e1b4aba72b78db2c69785d4a13b4a386576353a6845ef90040ba4cd126e105fb3c69ee8f5e29a59d7eb9058de2bdcbbba
SSDEEP

3072:7g/XqMjltdY8Nyg+x9MaMVENi+BqMQw+Ge86chTiQLZpDeh/jpi7eP:U/FXrn+cvN+BNy8lxFpDE9i7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a5511973f18e4275dfbace9495c1360_JaffaCakes118

Files

4a5511973f18e4275dfbace9495c1360_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

33f28cb02d4cb0aba8903246b484c2f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

free
realloc
_wtoi64
_initterm
_adjust_fdiv
malloc

kernel32

WideCharToMultiByte
lstrcpynA
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
FormatMessageA
CloseHandle
ReadFile
GetFileSize
CreateFileA
CompareStringA
LeaveCriticalSection
EnterCriticalSection
lstrcmpiA
IsBadWritePtr
GetEnvironmentVariableA
VirtualAlloc
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
GetPrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualProtect
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
GetShortPathNameA
GetSystemDirectoryA
Sleep
SetEvent
OpenEventA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalAlloc
LocalFree
GetStringTypeExA
SetErrorMode
GetFileAttributesA
WritePrivateProfileStringA
lstrcatA
GlobalFree
MultiByteToWideChar
lstrcmpA
lstrlenA
lstrcpyA
GetModuleFileNameA

advapi32

RegQueryInfoKeyA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegFlushKey
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegEnumValueA

user32

CharNextA
EnableWindow
GetDlgItem
GetWindowTextA
EndDialog
PostMessageA
SetWindowLongA
GetWindowLongA
DialogBoxParamA
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
EnumDisplayDevicesA
FindWindowA
PeekMessageA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
WinHelpA
SendMessageA
GetDlgItemTextA
MessageBoxA
LoadStringA
RegisterClipboardFormatA
wsprintfA

gdi32

GetStockObject

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoGetClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize

oleaut32

SysAllocString
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysFreeString
SysAllocStringLen
LoadRegTypeLi
SysStringLen

shell32

SHGetMalloc
SHChangeNotify
DragQueryFileA

Exports

Exports

ServiceMain
CleanupNetMeetingDispDriverW
DllCanUnloadNow
DllGetClassObject
DllGetVersion
DllRegisterServer
DllUnregisterServer
NewMediaPhone
OpenConfLink
VerifyUserInfo

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33f28cb02d4cb0aba8903246b484c2f0

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

gdi32

ole32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.data Size: 4KB - Virtual size: 916B

.rsrc Size: 152KB - Virtual size: 150KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 46KB

.data
Size: 4KB - Virtual size: 916B

.rsrc
Size: 152KB - Virtual size: 150KB

.reloc
Size: 4KB - Virtual size: 2KB