5dcae816b6d1cc92b620b0f003bb2f40_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5dcae816b6d1cc92b620b0f003bb2f40_JaffaCakes118
Size

132KB
MD5

5dcae816b6d1cc92b620b0f003bb2f40
SHA1

b4e1f42c75d6a79170b8ccef42142d81d2e48b8c
SHA256

6e7c7acb27a040fe879a1c4bb487035351de8c9e9714bad54e6adb59087051db
SHA512

89594b7c1cdbf804a075422c405642f9bde22963623ddbca78c9c649a4bcd748ed0ade6745a25868d3daa0f90c1edc379e3707ab8daa95cd9bf4a00b2f2e047f
SSDEEP

1536:+EhuXYS7OkFbxcvXhzbXjcUzMrxw+IZCu85xOfpJScOuDjiWICS4AXoMj7JGLa9s:+EhM7OktINbXmx1IdNxDkPj7JJ93GT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dcae816b6d1cc92b620b0f003bb2f40_JaffaCakes118

Files

5dcae816b6d1cc92b620b0f003bb2f40_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

b7913d0d3db88bf1a082bde05d46a4a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

oleaut32

SysAllocString
VariantClear
GetErrorInfo
SysFreeString

msvcrt

free
malloc
??3@YAXPAX@Z
fclose
fwrite
fopen
tmpnam
??2@YAPAXI@Z
atoi
strtol
strchr
strncpy
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
isalnum
isxdigit
islower
srand
strstr
isupper
strerror
strtok
toupper
wcscmp
wcslen
?what@exception@@UBEPBDXZ
_stricmp
ispunct
tolower
__mb_cur_max
wctomb
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_CxxThrowException
isspace
isalpha
isgraph
printf
??0exception@@QAE@ABV0@@Z

rpcrt4

UuidToStringA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

ShowWindow
DefWindowProcA
SetTimer
KillTimer
SetWindowPos
SystemParametersInfoA
DispatchMessageA
TranslateMessage
GetMessageA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
CloseClipboard
wsprintfA
RegisterClassExA
CreateWindowExA
OpenClipboard

winmm

timeGetTime

advapi32

RegCloseKey
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

wininet

InternetReadFile
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetCloseHandle
HttpQueryInfoA

kernel32

DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
WaitForSingleObject
CloseHandle
MoveFileExA
GetLocalTime
GetSystemDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAllocEx
OpenProcess
SleepEx
GetLastError
GetProcessTimes
GetCurrentProcess
LocalFree
GetWindowsDirectoryA
HeapFree
GetCurrentDirectoryA
GetVersion
Sleep
HeapSize
HeapAlloc
GetProcessHeap
CreateRemoteThread
GetTickCount
FormatMessageA
GetModuleFileNameA
CreateFileA
GetSystemInfo
GetCurrentProcessId
GetModuleHandleA
lstrcpynA
GetFullPathNameA
GetThreadTimes
GetCurrentThread
GetVersionExA
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcpyA
lstrlenA
MultiByteToWideChar
GetEnvironmentVariableA
SetLastError
InterlockedExchange
lstrcmpiA
lstrcmpA
WriteProcessMemory

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7913d0d3db88bf1a082bde05d46a4a2

Headers

File Characteristics

Imports

shlwapi

oleaut32

msvcrt

rpcrt4

psapi

ole32

netapi32

version

user32

winmm

advapi32

wininet

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 16KB - Virtual size: 16KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 16KB - Virtual size: 16KB

.reloc
Size: 8KB - Virtual size: 6KB