5cb39dcf8486f51a8dd2044739e60ef7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cb39dcf8486f51a8dd2044739e60ef7_JaffaCakes118
Size

66KB
MD5

5cb39dcf8486f51a8dd2044739e60ef7
SHA1

c8aa3d8ffe94b2985aa1d3b41b18a7b235a3ff01
SHA256

73c7d9db1a8f13cae48ef658bcbb6b001f71a5b6e9791a2466e88d4606cb9d1c
SHA512

61f2b155b3abb9cc4de01f86aaf7ea2ff0f92635c2927368fc1240be3e231fdd80ef8052889d48adcfc86bc9a233bec0b982f9d151200bcf01fdba3fad2b1648
SSDEEP

768:eYWLKEyPbIdVEs/XyKp5gPHFOL6EnATBhNBoE81+Mx3bYzu6q5vPExtqoD2mcM:F0dVEmiC5gPloATBhBNMx35ceoD1cM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb39dcf8486f51a8dd2044739e60ef7_JaffaCakes118

Files

5cb39dcf8486f51a8dd2044739e60ef7_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ef43159087110fc8ac334b57e0f1adfb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetOEMCP
GetACP
LoadLibraryA
CreateFileA
SetFilePointer
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetCurrentProcess
FlushFileBuffers
SetStdHandle
RtlUnwind
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleHandleA
GetEnvironmentStringsW
FlushInstructionCache
lstrlenW
lstrlenA
DisableThreadLibraryCalls
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindFirstFileA
CreateDirectoryA
FindClose
FindResourceA
LoadResource
LockResource
GetSystemDirectoryA
GetCommandLineA
GetVersion
HeapFree
GetLastError
CloseHandle
WriteFile
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings

user32

PtInRect
UnionRect
GetKeyState
DefWindowProcA
SetWindowPos
BeginPaint
GetClientRect
EndPaint
InvalidateRect
IntersectRect
ShowWindow
OffsetRect
SetWindowRgn
EqualRect
IsWindow
GetParent
SetFocus
GetFocus
IsChild
DestroyWindow
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA

gdi32

CreateRectRgnIndirect
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
Rectangle
SetTextAlign
TextOutA

advapi32

RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CoTaskMemFree
CreateOleAdviseHolder

oleaut32

OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
SysFreeString
VariantClear

atl

ord44
ord50
ord30
ord51
ord46
ord43
ord57
ord18
ord16
ord21
ord23
ord58
ord31
ord26
ord27
ord32
ord15

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef43159087110fc8ac334b57e0f1adfb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

atl

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 84KB - Virtual size: 80KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 84KB - Virtual size: 80KB

.reloc
Size: 8KB - Virtual size: 4KB