5e3ae42a1b148c3f1f939957c22bdd97_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5e3ae42a1b148c3f1f939957c22bdd97_JaffaCakes118
Size

220KB
MD5

5e3ae42a1b148c3f1f939957c22bdd97
SHA1

f5c7b9109b710d45bc1d3f49a195b2e9fb2d5ecf
SHA256

592ad8f762a9456c35092f9ba8efb308f2720579f7aa5c2fd8c2d8aa8a284468
SHA512

595a81e214a0edc8ba765336ed56852b44956a10a0ef8d686ca02c6c57f05c25aaee11522896c714d3f2c4e72dcc01deb60212ec0b36fe2a9cced61e502861fc
SSDEEP

3072:HtpPHZQtckqwyznOKGEWnifIZYJQZkpR6hIkMtT/FgqdZQFmg5+2vQbe:Np2txyz/GHi6BZkpSMtRhwFTbvQbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e3ae42a1b148c3f1f939957c22bdd97_JaffaCakes118

Files

5e3ae42a1b148c3f1f939957c22bdd97_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

13c62f3bff6fbf662bd4dbecd75ad5d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
ReleaseMutex
WriteFile
MoveFileExA
CopyFileA
GetCurrentProcess
InterlockedDecrement
CreateThread
SetEvent
WaitForMultipleObjects
ResetEvent
CreateEventA
GlobalAlloc
FreeResource
GlobalUnlock
GlobalLock
GetEnvironmentVariableA
ExitProcess
SetUnhandledExceptionFilter
WriteProcessMemory
VirtualProtect
LoadLibraryExA
SetErrorMode
GetVersion
CreateDirectoryA
LocalFree
SetLastError
GetACP
GetModuleHandleA
FindResourceA
LoadResource
SizeofResource
LockResource
WinExec
GetWindowsDirectoryA
GetSystemDirectoryA
SetFilePointer
ReadFile
GetShortPathNameA
CreateFileA
DeviceIoControl
GetVersionExA
lstrcpyA
lstrcatA
Sleep
lstrlenA
MultiByteToWideChar
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileSectionA
DeleteFileA
GetTempPathA
GetTempFileNameA
WaitForSingleObject
GetTickCount
CreateMutexA
GetLastError
CloseHandle
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
LoadLibraryA
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
lstrcmpA
GetModuleFileNameA
MulDiv

user32

EnumThreadWindows
GetClassNameA
RemovePropA
GetPropA
IsWindow
FindWindowExA
ExitWindowsEx
SendMessageTimeoutA
RegisterWindowMessageA
SetForegroundWindow
GetSystemMetrics
LoadImageA
wsprintfA
CreateWindowExA
PtInRect
SetWindowLongW
IsWindowUnicode
GetForegroundWindow
CallWindowProcA
CallWindowProcW
DestroyWindow
IsWindowVisible
GetParent
DialogBoxParamA
DrawIconEx
DefWindowProcA
CheckDlgButton
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
IsDlgButtonChecked
EndDialog
LoadIconA
SetDlgItemTextA
ClientToScreen
DrawIcon
GetAncestor
GetCapture
GetDC
GetMessagePos
GetSysColor
ReleaseDC
SetCapture
ReleaseCapture
InvalidateRect
LoadCursorA
SetCursor
BeginPaint
DrawTextA
EndPaint
GetWindowTextA
FlashWindowEx
GetClientRect
PeekMessageA
PostQuitMessage
SetWindowLongA
IsIconic
SetWindowTextA
EnableWindow
SendMessageA
SetPropA
SetTimer
KillTimer
CreateDialogParamA
GetDlgItem
GetWindowRect
ScreenToClient
ShowWindow
GetMessageA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyIcon
LoadBitmapA
LoadStringA
GetDesktopWindow
MessageBoxA
PostMessageA
SetWindowPos

gdi32

DeleteObject
SetBkColor
SetTextColor
SelectObject
GetPixel
CreateFontIndirectA
GetObjectA
SetBkMode
Rectangle
CreateSolidBrush
CreatePen
DeleteDC
CreateBitmap
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
GetDeviceCaps

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegEnumValueA

shell32

ShellExecuteA

ole32

StringFromIID
CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
StringFromCLSID
CoTaskMemFree
CoGetMalloc
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysAllocStringByteLen
RegisterTypeLi
LoadTypeLi
SysFreeString
VariantClear
VariantInit
OleLoadPicture
SysAllocString
SysStringByteLen

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked

shlwapi

SHSetValueA
SHRegCloseUSKey
SHDeleteKeyA
StrCpyNW
SHRegEnumUSKeyA
SHRegOpenUSKeyA
SHDeleteValueA
SHDeleteEmptyKeyA
SHGetValueA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

urlmon

URLDownloadToFileA

msvcrt

free
fopen
fread
fclose
malloc
strstr
_beginthreadex
strncpy
_except_handler3
memcpy
_mbsicmp
strcpy
strcat
memcmp
??2@YAPAXI@Z
strrchr
strlen
wcslen
_wcsnicmp
_snprintf
_wcsicmp
strcmp
memset
__CxxFrameHandler
_mbsnbcpy
rand
srand
time
sscanf
strchr
sprintf
_mbsstr
_ftol
strftime
localtime
atol
strncmp
ftell
fseek
_mbsrchr
memmove
_mbschr
memchr
fwrite
fprintf
_ltoa
_strnicmp
fgets
rewind
_stricmp
atoi
_mbscmp
_mbsnbcmp
wcscmp
wcscpy
tolower
toupper
_CxxThrowException
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_itoa
strncat

setupapi

SetupIterateCabinetA

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetSetStatusCallback
InternetGetConnectedState
InternetCrackUrlA
HttpQueryInfoA

Exports

Exports

Action
ActionEx
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EventInvoke
Install
SCEventInvoke
SetSysInfo
Version

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.autoliv
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13c62f3bff6fbf662bd4dbecd75ad5d9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

version

urlmon

msvcrt

setupapi

wininet

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 14KB

.autoliv Size: 4KB - Virtual size: 8B

.rsrc Size: 88KB - Virtual size: 86KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 14KB

.autoliv
Size: 4KB - Virtual size: 8B

.rsrc
Size: 88KB - Virtual size: 86KB

.reloc
Size: 12KB - Virtual size: 8KB