62c770844c96f25e404e7bcfed551998_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62c770844c96f25e404e7bcfed551998_JaffaCakes118
Size

221KB
MD5

62c770844c96f25e404e7bcfed551998
SHA1

5e2ec3b45473d26e4ce0fc74de77ab53e8587e52
SHA256

487c34a0de016c3139d25941ef85b6c77a9b28099289ca8666cd2041bc922348
SHA512

e55f0f562df8e18706c61a3609bbc0ccaf5fcdb3caadd621435d77d8529ef11401ac2b4c9e33a4df8cc84d665c4c1132518db58a2c8a5de2af3ace20982bc6fe
SSDEEP

3072:VB9MuPLP5WLGu4sDmGS/+mdHR0EvFSWiTBfRfnWrNyE+5S8Mic:5PP5whSTR0+FdiTBJPWrNd58Mic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62c770844c96f25e404e7bcfed551998_JaffaCakes118

Files

62c770844c96f25e404e7bcfed551998_JaffaCakes118
.dll windows:5 windows x86 arch:x86

99966b26ee5f9fe0c81b9cbb1d6ae2f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

xpcom

NS_CStringGetData
NS_GetServiceManager
NS_StringCloneData
NS_CStringContainerInit2
NS_CStringContainerFinish
NS_CStringContainerInit
NS_CStringSetData
NS_StringSetData
NS_StringSetDataRange

shlwapi

StrStrA
StrCmpNIA
StrToIntA
StrNCatA
StrStrIA
wnsprintfA
StrRChrA

kernel32

WriteFile
SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
ExitProcess
HeapSize
IsValidCodePage
FreeLibrary
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrlenA
CreateThread
lstrcmpiA
TerminateThread
Sleep
GetProcessHeap
HeapFree
OpenMutexA
CloseHandle
GetProcAddress
GetLastError
SetEvent
WaitForSingleObject
CreateFileMappingA
MapViewOfFile
ResetEvent
lstrcpynA
GetComputerNameA
GetVolumeInformationA
GetTickCount
GetCurrentProcessId
CreateMutexA
ReleaseMutex
GetModuleHandleA
HeapAlloc
LocalFree
GetCurrentProcess
CreateEventA
GetOEMCP
GetACP
HeapReAlloc
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetExitCodeThread
VirtualAlloc
VirtualFree
HeapDestroy
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoA
GetSecurityDescriptorSacl
RegSetValueExA
RegCreateKeyExA
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA

Exports

Exports

NSGetModule
NSModule

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99966b26ee5f9fe0c81b9cbb1d6ae2f3

Headers

DLL Characteristics

File Characteristics

Imports

xpcom

shlwapi

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 7KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 7KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 12KB - Virtual size: 11KB