6645d467bed01872034fafeb416eb586_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6645d467bed01872034fafeb416eb586_JaffaCakes118
Size

460KB
MD5

6645d467bed01872034fafeb416eb586
SHA1

2e155bf3c8e3641bc65a5448de5094e34d0ccc8d
SHA256

96ffa5945d925047c5071532a644df390585d5868e9c97a4c2f3044f13de4f6a
SHA512

632e782c71d5f79e32286405d9f8334f3fbd922529ae62c70ad43b0051c43136ff91958fc1301f03ccc4c210488a99dd38d840722dcf7d52462c4913ab620d79
SSDEEP

6144:oSu6/rShnDfQ7eAFdR5QqLNWjELnPrEBE7xwtCH4i0+GnmTXSgJcfOT1KR0+q0f:ncnM7eAr6jELnPgBEqtCYi0XkXSFt0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6645d467bed01872034fafeb416eb586_JaffaCakes118

Files

6645d467bed01872034fafeb416eb586_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3aebda220a09f041e465cea7c2970d7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create

kernel32

lstrcmpiA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcpyA
lstrcatA
GetProcAddress
LoadLibraryA
lstrcpynA
IsDBCSLeadByte
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
InterlockedExchange
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetShortPathNameA
GetTickCount
GetCurrentProcess
OpenProcess
CloseHandle
lstrcmpA
SetEnvironmentVariableA
GetLocaleInfoW
HeapSize
SetEndOfFile
SetConsoleCtrlHandler
GetOEMCP
GetACP
CreateFileA
ReadFile
SetStdHandle
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
WriteFile
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GlobalUnlock
TerminateProcess
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
FatalAppExitA
ExitProcess
GetVersion
GetCommandLineA
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
GetCurrentThreadId
RtlUnwind
Sleep
LocalFree
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
lstrlenA
FlushInstructionCache
lstrlenW
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock

user32

GetWindowTextA
SetWindowLongA
SetWindowRgn
UpdateWindow
DestroyWindow
SetWindowTextA
GetClassInfoExA
GetKeyboardLayoutList
EnumWindows
GetWindowTextLengthA
GetWindowLongA
MoveWindow
GetCursorPos
wsprintfA
SendMessageA
GetSysColor
SetFocus
IsChild
GetFocus
CallWindowProcA
EndPaint
FillRect
GetSystemMetrics
GetWindowRect
ShowWindow
ClientToScreen
GetClientRect
RegisterClassExA
LoadCursorA
DefWindowProcA
RegisterWindowMessageA
GetWindow
LoadMenuA
InsertMenuA
GetSubMenu
CheckMenuItem
TrackPopupMenu
SetCursor
GetActiveWindow
DialogBoxParamA
LoadIconA
EnumChildWindows
BeginPaint
InvalidateRgn
GetKeyState
PostMessageA
SystemParametersInfoA
MapWindowPoints
EndDialog
CharNextA
FindWindowA
CreateWindowExA
GetClassNameA
GetDlgItem
GetDC
InvalidateRect
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetParent
GetDesktopWindow
ReleaseDC
RedrawWindow
IsWindow
SetWindowPos

gdi32

CreateSolidBrush
CreateRectRgn
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetDeviceCaps
GetObjectA
GetStockObject
SetBkMode
SetTextColor
CreateFontIndirectA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegEnumValueA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
StringFromIID
OleRun
CoGetClassObject
OleLockRunning
CoTaskMemRealloc
CoGetMalloc

oleaut32

GetErrorInfo
VarUI4FromStr
VariantCopy
SysAllocStringLen
VariantChangeType
VariantClear
RegisterTypeLi
SetErrorInfo
CreateErrorInfo
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
LoadTypeLi
SysFreeString
SysStringLen
VariantInit
SysAllocString
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen

urlmon

CoInternetGetSession

wininet

InternetGetConnectedState

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aebda220a09f041e465cea7c2970d7d

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

wininet

Exports

Exports

Sections

.text Size: 344KB - Virtual size: 342KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 344KB - Virtual size: 342KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 24KB - Virtual size: 23KB