6370645b95c8a81e0949994a410b5134_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6370645b95c8a81e0949994a410b5134_JaffaCakes118
Size

84KB
MD5

6370645b95c8a81e0949994a410b5134
SHA1

595a2c82a2c0746cd7f353d14121ab37aba868ca
SHA256

ca53c732b6006ebe2ccc0b89cca86520e776834e3c7af2bda8e1003b37c272f7
SHA512

9cbbcfbccd712c63da203a9ed2ff72e32e89f5b3c12e05beadf57a5e793b2d554797313cb847f400dea1224aac51015f34a9caa2c28263498d28ac954cc01f14
SSDEEP

1536:flbC1Rfy/4GOizGGS9fcaS0ANWDrHR02/VeMZzCb8ZS2rqCl6g/NReb21:flbC1Rfy/42/S9fvy29eMZzCbQXmClbh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6370645b95c8a81e0949994a410b5134_JaffaCakes118

Files

6370645b95c8a81e0949994a410b5134_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9be13f2b612903afc1c77de2fac14181

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
MultiByteToWideChar
GetModuleFileNameA
lstrcpynA
GetFileAttributesA
GetVersion
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
FreeLibrary
HeapReAlloc
lstrcpyA
WideCharToMultiByte
LoadResource
FindResourceA
lstrlenA
HeapAlloc
HeapFree
LockResource
lstrlenW
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
lstrcatA

user32

SetParent
EndPaint
BeginPaint
MoveWindow
DestroyWindow
ReleaseDC
GetDC
CharNextA
PtInRect
IntersectRect
GetActiveWindow
DefWindowProcA
OffsetRect
EqualRect
SetWindowRgn
GetKeyState
SetFocus
SetDlgItemTextA
UnregisterClassA
SetWindowLongA
LoadAcceleratorsA
GetDlgItem
GetWindowRect
ScreenToClient
EnableWindow
GetSystemMetrics
SetRect
SetWindowPos
GetDialogBaseUnits
CreatePopupMenu
InsertMenuItemA
SetWindowTextA
GetFocus
GetNextDlgTabItem
ShowWindow
InvalidateRect
DialogBoxParamA
CreateWindowExA
GetClientRect
CharPrevW
LoadCursorA
RegisterClassA
EndDialog
GetWindowTextLengthA
GetWindowTextA
MessageBoxA
ClientToScreen
SetRectEmpty
CreateDialogIndirectParamA
EnableMenuItem
TrackPopupMenuEx
GetWindowLongA
GetParent
SendMessageA
LoadStringA
IsWindowVisible
CharNextW
wsprintfA
TranslateAcceleratorA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

oleaut32

SetErrorInfo
OleCreatePropertyFrame
SysAllocStringLen
LoadTypeLibEx
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantInit
VariantChangeType
VariantClear
LoadRegTypeLi
SysFreeString
LHashValOfNameSys
CreateErrorInfo

gdi32

SetViewportExtEx
SetMapMode
SetWindowExtEx
LPtoDP
CreateRectRgnIndirect
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
GetViewportExtEx
GetWindowExtEx
CreateCompatibleDC
GetDeviceCaps

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterDesigner
DllRegisterServer
DllUnregisterDesigner
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9be13f2b612903afc1c77de2fac14181

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 54KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 8KB - Virtual size: 4KB