59e3eafb931c7490ad43bde3bfde2059_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

59e3eafb931c7490ad43bde3bfde2059_JaffaCakes118
Size

196KB
MD5

59e3eafb931c7490ad43bde3bfde2059
SHA1

09aa7c716f70e692d368b6f29798b995d451f59f
SHA256

8c7ae8f3df7a8680031b2e5bcd5d5f752dda95b4e0e4c568f15ee5250f2affe2
SHA512

2a9b4d67696e93f073768d457d28a36810b734af09c77a61942bce0d350d5169834e22cc165a4a3ab04f78040818c38b0c48ba64af15dee9b6eed29b91f74670
SSDEEP

3072:LsuNiDhaEY9Zbtm8ajQK+LvsbPZI473W05aRw9cG:2ScR+LUrZwvB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59e3eafb931c7490ad43bde3bfde2059_JaffaCakes118

Files

59e3eafb931c7490ad43bde3bfde2059_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

2ae6c64894afbfff92c5bc02df02ca56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetGetConnectedState
InternetSetCookieA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetCrackUrlA
InternetOpenA

shlwapi

wnsprintfA
PathFileExistsA
StrStrIA

kernel32

DeleteCriticalSection
GetModuleFileNameA
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetProcAddress
lstrlenA
lstrcmpiA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
SetThreadLocale
GetThreadLocale
HeapReAlloc
HeapAlloc
InitializeCriticalSection
HeapFree
GetProcessHeap
LocalFree
LoadLibraryA
CloseHandle
GetCurrentProcess
CreateProcessA
WriteFile
CreateFileA
GetTempPathA
lstrcmpA
SleepEx
ReleaseMutex
WaitForSingleObject
CreateMutexA
Sleep
CreateThread
GetVolumeInformationA
GetComputerNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
RaiseException
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
TerminateThread
GetEnvironmentStringsW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
IsValidCodePage
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
GetACP
GetOEMCP
WriteConsoleA

user32

CharNextA
CharNextW

advapi32

RegCreateKeyA
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

LoadRegTypeLi
SysAllocStringLen
VariantClear
VariantInit
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetClientTicket

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ae6c64894afbfff92c5bc02df02ca56

Headers

File Characteristics

Imports

wininet

shlwapi

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 11KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 11KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 11KB - Virtual size: 11KB