5cb0279bc8b35d99e79764293d279c85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cb0279bc8b35d99e79764293d279c85_JaffaCakes118
Size

328KB
MD5

5cb0279bc8b35d99e79764293d279c85
SHA1

d8e7e4bff83d77a962eff55b02b4b8c66a6e1071
SHA256

d112781734d59205de58198642327ead225efbd55fd19fa418a5559dc78d32e9
SHA512

b33c3478daa3b0415cc044f0acb6cdacd9f77aee4ba2da7a0f7a9819bda22727e6afefbfc510bd22f0cfdfe46da89766b3a10d9fe40939b7c876402ef8a7f80f
SSDEEP

3072:Q4WwSvv/W0EhGJ0zZVJmoiVzRI9jTT3qbsUGoHPGXNZdBOgc7akifcv9A1N2IQMM:c2EJ0loGv3qb7+NZd8gc7aGA1w6WvYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb0279bc8b35d99e79764293d279c85_JaffaCakes118

Files

5cb0279bc8b35d99e79764293d279c85_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

665a0202c291ce097b68b3a966259d1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
lstrcmpiA
FreeLibrary
lstrcpyA
lstrcatA
GetCurrentThreadId
FlushInstructionCache
GetLastError
LoadLibraryExA
lstrlenA
FindResourceA
SizeofResource
LoadResource
GetTempPathA
LockResource
FreeResource
CreateProcessA
CloseHandle
DisableThreadLibraryCalls
GetUserDefaultLangID
WideCharToMultiByte
GetShortPathNameA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
LoadLibraryA
GetModuleFileNameA
GetDriveTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TerminateProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
WriteFile
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetFullPathNameA
SetEnvironmentVariableA
CompareStringW
CompareStringA
TlsGetValue
ReadFile
SetEndOfFile
FileTimeToSystemTime
FindClose
SetLastError
TlsFree
TlsAlloc
TlsSetValue
ExitProcess
GetVersion
GetCommandLineA
HeapReAlloc
HeapAlloc
CreateFileA
GetStringTypeW
GetStringTypeA
GetFileAttributesA
HeapFree
FileTimeToLocalFileTime
FindFirstFileA
RtlUnwind
RaiseException

user32

DestroyWindow
DefWindowProcA
GetKeyState
PtInRect
UnionRect
ShowWindow
SetWindowLongA
GetWindowLongA
CallWindowProcA
CreateWindowExA
CharNextA
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
ReleaseDC
IsChild
GetFocus
SetFocus
GetParent
IsWindow
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
BeginPaint
GetClientRect
EndPaint
GetDC
InvalidateRect

gdi32

TextOutA
Rectangle
CreateRectRgnIndirect
RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreateDCA
SetTextAlign

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumValueA

ole32

CreateOleAdviseHolder
OleSaveToStream
WriteClassStm
OleLoadFromStream
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleRegGetMiscStatus
OleRegEnumVerbs
OleRegGetUserType

oleaut32

OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr
VariantClear

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

?CheckCurrentVersion@@YAHHHHH@Z
?CheckCurrentVersion@@YAHXZ
?RunMiniBug@@YAHPAD00000000@Z
?RunWeatherBug@@YAHXZ
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

665a0202c291ce097b68b3a966259d1f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

version

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 244KB - Virtual size: 242KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 244KB - Virtual size: 242KB

.reloc
Size: 8KB - Virtual size: 5KB