6006ae28ac359bc3deca13cff929698c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6006ae28ac359bc3deca13cff929698c_JaffaCakes118
Size

37KB
MD5

6006ae28ac359bc3deca13cff929698c
SHA1

0fe9db03e7696908d2afcde0cea3ace40e9e9d06
SHA256

d3767a5b9c875b8787efa18d4e1619f7a5277cbb729c39a470490097999807f5
SHA512

26f3efe2b3895ad741f43604f6ec3ee6b56b04d433d66d7be45d1a60245bf2e70edbe5a3ba8daa47fbedacd6d99f609890ea90b259b6bd4162337cf58b3ce00b
SSDEEP

768:KYSL+RBRyGcZrBw/yZyIF5NvIoavqXLiTpVEFq6owYJE:KPL+RBRyGc2q2y7upMqOYJE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6006ae28ac359bc3deca13cff929698c_JaffaCakes118

Files

6006ae28ac359bc3deca13cff929698c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0f32e9940af1920cd45ff593a7c7035a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
lstrlenW
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
IsDBCSLeadByte
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryA
GetTempFileNameA
GetTempPathA
WriteFile
LockResource
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
DebugBreak
HeapReAlloc
HeapFree
Sleep
lstrcmpiA
lstrlenA
GetSystemDirectoryA
CreateFileA
lstrcpyA
lstrcatA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSection
CloseHandle

user32

BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
InvalidateRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
IsWindow
GetParent
SetFocus
GetFocus
IsChild
DestroyWindow
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
CallWindowProcA
GetWindowLongA
ShowWindow
UnionRect
PtInRect
GetKeyState
DefWindowProcA
CharNextA
PeekMessageA
wsprintfA
SetWindowLongA

gdi32

CreateRectRgnIndirect
RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreateDCA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

ole32

OleLoadFromStream
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
WriteClassStm
OleSaveToStream
CreateOleAdviseHolder
OleRegGetMiscStatus

oleaut32

OleCreatePropertyFrame
VarUI4FromStr
SysStringByteLen
SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi
SysStringLen
VariantClear
VariantChangeType
SysAllocStringByteLen
LoadRegTypeLi

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

winmm

timeGetTime

msvcrt

strncmp
strchr
atoi
memcmp
memcpy
memset
strlen

wsock32

gethostname
gethostbyname
WSACleanup
WSAStartup

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f32e9940af1920cd45ff593a7c7035a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

version

winmm

msvcrt

wsock32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 22KB - Virtual size: 22KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 22KB

.reloc
Size: 3KB - Virtual size: 3KB