5b604351cb97ae01bf368251fde9af6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b604351cb97ae01bf368251fde9af6b_JaffaCakes118
Size

172KB
MD5

5b604351cb97ae01bf368251fde9af6b
SHA1

b2a1b371f97acf32871c7f54276907037ac28d32
SHA256

ef198cfd7c49f64e32cfe3c2b951a627e19e30196fe6157eb25f9426ea354493
SHA512

be6a9027a53a8d42fad092e679389820b1064ef339308d02875dc4730f5c25b8a3d78e6c75b672ff50df54e89374f468bf82ed756175619e226a099342730dcb
SSDEEP

3072:wfc8YXhZzG/rHpdOQQknzAXrPqo+4VpYwtX7UFq22JoFwru2o+:Kc8Y/MskngpYwa429Fwr/o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b604351cb97ae01bf368251fde9af6b_JaffaCakes118

Files

5b604351cb97ae01bf368251fde9af6b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f4ae9c69947fd08e7c1cec0ee58e9932

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
isxdigit
strtok
toupper
strtol
atoi
tmpnam
fopen
fwrite
fclose
isspace
malloc
isupper
ispunct
tolower
__mb_cur_max
wctomb
isalnum
wcscmp
wcslen
?what@exception@@UBEPBDXZ
printf
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
isalpha
??0exception@@QAE@ABV0@@Z
strchr
strncpy
isgraph
islower
strerror
strstr
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
free

oleaut32

SysAllocString
SysFreeString
GetErrorInfo
VariantClear

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

user32

GetClassNameA
SetWindowPos
SystemParametersInfoA
EnumWindows
EnumChildWindows
KillTimer
SetTimer
DefWindowProcA
GetWindowThreadProcessId
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
wsprintfA

wininet

InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetSetOptionA

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

winmm

timeGetTime

rpcrt4

UuidToStringA

advapi32

RegCloseKey
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

ole32

CoTaskMemAlloc
CoInitialize
CoCreateGuid
CoTaskMemFree
CoCreateInstance

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

kernel32

Sleep
HeapFree
GetVersion
GetCurrentDirectoryA
OpenProcess
CloseHandle
SleepEx
GetTickCount
QueryPerformanceCounter
GetProcessHeap
VirtualAllocEx
lstrlenA
GetVersionExA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetLastError
SetLastError
GetFullPathNameA
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
HeapSize
HeapAlloc
lstrcmpiA
lstrcmpA
MultiByteToWideChar
GetProcessTimes
GetCurrentProcess
lstrcpyA
GetSystemDirectoryA
GetCurrentProcessId
GetLocalTime
GetWindowsDirectoryA
MoveFileExA
WaitForSingleObject
lstrcpynA
GetSystemInfo
GetCurrentThread
GetThreadTimes
QueryPerformanceFrequency
WriteProcessMemory
CreateRemoteThread
CreateFileA
DeleteFileA
CreateProcessA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4ae9c69947fd08e7c1cec0ee58e9932

Headers

File Characteristics

Imports

msvcrt

oleaut32

psapi

user32

wininet

netapi32

version

winmm

rpcrt4

advapi32

ole32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 24KB - Virtual size: 25KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 24KB - Virtual size: 25KB

.reloc
Size: 12KB - Virtual size: 8KB