62d9496a330a618b8e5d3a1219e2a8a7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

62d9496a330a618b8e5d3a1219e2a8a7_JaffaCakes118
Size

372KB
MD5

62d9496a330a618b8e5d3a1219e2a8a7
SHA1

eff01e3b6bc77ee4aae933a48204ff6913fb38f8
SHA256

0b808a8897bab3e4cef993840fc4255449554c972ba8bd24c3448f7d3c367f47
SHA512

7ab16e93c72f19c49e9fa5399e207fbd66c7cc9129cf38f1c1a0871c61b04755afcd0b1b9551e48cb6bbe9e32e70f312bf009c2145e13c964cd4f3350ef1e71c
SSDEEP

3072:Z0B9nqnCOFUEkl+qTUVtFw/KCeDYLi3bisPJjKNKavTWbtOQruVAte14k65D4tFn:q/qClE++qYFacbDPhKN/d8teX6y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62d9496a330a618b8e5d3a1219e2a8a7_JaffaCakes118

Files

62d9496a330a618b8e5d3a1219e2a8a7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bfb8c9fcc5322e68b8ffd70eac4b8d49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

xpcom

NS_GetComponentManager
NS_GetServiceManager
NS_GetMemoryManager
NS_Alloc
NS_Free

wininet

HttpSendRequestA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile
HttpQueryInfoA

kernel32

GetFileType
SetHandleCount
GetStringTypeW
SetEnvironmentVariableA
SetEndOfFile
CreateFileW
GetTimeZoneInformation
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetVersion
FindFirstFileA
CloseHandle
DeviceIoControl
CreateFileA
InterlockedIncrement
lstrlenW
CompareStringA
CompareStringW
lstrcmpiA
lstrcmpiW
lstrlenA
GetVersionExA
InterlockedDecrement
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
GetPrivateProfileStringA
CreateDirectoryA
GetCurrentDirectoryA
SetFileTime
SystemTimeToFileTime
GetSystemTime
WriteFile
FindClose
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateThread
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetStartupInfoA
FreeLibrary
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeA
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetSystemInfo
VirtualQuery
RtlUnwind
GetCurrentThreadId
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
ExitProcess
HeapCreate
VirtualFree
FatalAppExitA
GetStdHandle
GetModuleFileNameA

user32

CharUpperW
UnregisterClassA
CharLowerW
CharLowerA
CharUpperA

ole32

OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize

shell32

SHGetSpecialFolderPathA

oleaut32

SysAllocStringLen
VariantClear
VariantInit
VariantCopy
SysFreeString
SysStringByteLen
CreateErrorInfo
SysAllocString
GetErrorInfo
VariantChangeType
SetErrorInfo
SysAllocStringByteLen

iphlpapi

GetAdaptersInfo

nspr4

PR_AtomicDecrement
PR_AtomicIncrement

Exports

Exports

NSGetModule

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfb8c9fcc5322e68b8ffd70eac4b8d49

Headers

File Characteristics

Imports

xpcom

wininet

kernel32

user32

ole32

shell32

oleaut32

iphlpapi

nspr4

Exports

Exports

Sections

.text Size: 292KB - Virtual size: 288KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 12KB - Virtual size: 20KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 292KB - Virtual size: 288KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 12KB - Virtual size: 20KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 11KB