639afed7e1dd9bd8694fc01f673cf68b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

639afed7e1dd9bd8694fc01f673cf68b_JaffaCakes118
Size

2.7MB
MD5

639afed7e1dd9bd8694fc01f673cf68b
SHA1

77553a22c50ae3ed962e9532a955ee1cf796b4b3
SHA256

aa53c0cfafca41e027b7883801fab0d4eed03f9b002f08c8a3b97fafe14e2b9f
SHA512

627408b1269273dc84a7df9d887a4ff75bbc52fd6eb11f3342eff437d904f872643efe99172c9fe36faa279aca5943e4c236b31eaef9b0df4c3c229049f09fe3
SSDEEP

49152:oN3IS6unO1i+yTvjO9F5UF2vsx28lA+v6+FllFMQINGTDreP9FrQaN2:o0un2i9TvGF5U528lAr2MQvDr4H8aE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
639afed7e1dd9bd8694fc01f673cf68b_JaffaCakes118

Files

639afed7e1dd9bd8694fc01f673cf68b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ae353118d90fde39646ca95dc62ad64b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
CreateTimerQueue
HeapLock
PurgeComm
TryEnterCriticalSection
ExitThread
BackupRead
EnterCriticalSection
WaitForMultipleObjectsEx
lstrcpynA
GetProfileStringA
LCMapStringW
ExpandEnvironmentStringsA
FormatMessageW
HeapAlloc
RtlMoveMemory
TerminateProcess
SystemTimeToFileTime
LocalFlags
CreateMailslotW
GlobalFindAtomA
GetFileSizeEx
GetLocalTime
GetThreadLocale
FindFirstFileA
AddRefActCtx
GetModuleHandleW
SetEvent
GetTickCount
GetLastError
LocalSize
RtlUnwind
GetLogicalDrives
lstrcmpA
LoadLibraryA
GetCommModemStatus
GetAtomNameA
AddAtomW
GlobalFlags
LCMapStringA
InterlockedExchangeAdd
CreateToolhelp32Snapshot
TerminateThread
GetProcessHeap
GetTimeFormatW
ReadDirectoryChangesW
GlobalAddAtomW
GetProcAddress

ole32

CoQueryProxyBlanket
FreePropVariantArray
OleRegGetUserType
CoMarshalInterface
CoDisconnectObject
StgIsStorageILockBytes
CoLockObjectExternal
OleGetAutoConvert
CoSwitchCallContext

user32

CharNextA
BroadcastSystemMessageW
GetAsyncKeyState
DialogBoxIndirectParamA
GetMenuCheckMarkDimensions
GetSystemMetrics
DefDlgProcW
SetWindowsHookExA
ScreenToClient
GetUpdateRgn
BeginDeferWindowPos
TrackPopupMenuEx
BeginPaint
AllowSetForegroundWindow
CopyImage
OpenDesktopW
DrawMenuBar
PtInRect
DestroyCursor
CreateDialogIndirectParamA
GetActiveWindow
CharUpperW
CloseDesktop
IsDialogMessageW
SetPropA
DrawAnimatedRects
DispatchMessageA
GetDlgItemTextW
ReleaseDC
DrawStateA
GetParent
GetUpdateRect
GrayStringA
GetTopWindow
MessageBoxA
AppendMenuW

oleaut32

SysAllocString
SysAllocStringByteLen

shlwapi

StrDupA
PathBuildRootW
PathUndecorateW
PathIsDirectoryW
SHRegGetValueW
PathRemoveFileSpecA
StrFormatByteSizeW
PathGetArgsW
PathAddBackslashW
PathStripToRootW

advapi32

SetEntriesInAclW
ChangeServiceConfigA
LockServiceDatabase
RegOpenCurrentUser
RegCloseKey
SaferGetLevelInformation
GetUserNameA
RegisterServiceCtrlHandlerW
RegDisablePredefinedCache
UnlockServiceDatabase
RegEnumValueA
SaferCloseLevel
CreateProcessAsUserA
ChangeServiceConfigW
RegQueryValueW
BuildTrusteeWithNameW
CredDeleteW

shell32

SHAppBarMessage
SHGetPathFromIDListW
SHFormatDrive
SHGetFolderPathAndSubDirW
SHGetFileInfoA
ShellAboutW
CommandLineToArgvW
DragAcceptFiles

gdi32

CreateBitmap
SetSystemPaletteUse
EnumFontsA
DeleteObject
SetMiterLimit
CreateFontIndirectA
GetMetaFileA
SetTextCharacterExtra
ScaleWindowExtEx
GetWorldTransform
SelectObject
EnumFontFamiliesExW
GetBrushOrgEx
GetRandomRgn
SetStretchBltMode
EnumEnhMetaFile
GetKerningPairsA
GetRegionData
PtInRegion
GetNearestColor
ScaleViewportExtEx
EnumMetaFile
SetWindowExtEx
StrokeAndFillPath
GetBkColor
GetGraphicsMode
GetTextCharset
GetCharABCWidthsW
GetBitmapDimensionEx
GetTextAlign
CreateCompatibleBitmap

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 924KB - Virtual size: 923KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae353118d90fde39646ca95dc62ad64b

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 924KB - Virtual size: 923KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 68KB - Virtual size: 66KB

.text
Size: 924KB - Virtual size: 923KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 68KB - Virtual size: 66KB