66cf4157605d7c274fac57f382c81c50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66cf4157605d7c274fac57f382c81c50_JaffaCakes118
Size

111KB
MD5

66cf4157605d7c274fac57f382c81c50
SHA1

e236e0a0a2df1741d4ada73c31dd0d4703586d19
SHA256

3debde619eea6ba2603167edaa7f6011128554679edda1f1bdd206922b46af2f
SHA512

af466e1358dd75fdf2c10567d8ae4bff315c01973b1a4fb159eee3540748b13d2414d652f5e040393aa29da4c8a6dbf75ee909e3acc1f0811ba31b21d8f24968
SSDEEP

3072:eM3yPgY2oovSssV5tCN9Ra70BgQCtXg/mAZPPq4ZRr3dJK0tJ:eEmgY2oovSssV6Y7Cg+/tPPq4Hdg0X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66cf4157605d7c274fac57f382c81c50_JaffaCakes118

Files

66cf4157605d7c274fac57f382c81c50_JaffaCakes118
.exe regsvr32 windows:5 windows x64 arch:x64

fcb200da8f786fe03d24c855f55d5ae1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

StrRChrA
StrStrIA

advapi32

CryptHashData
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyA
SetServiceStatus
GetUserNameA

user32

CharLowerA
CharNextA
LoadStringA
wvsprintfA

kernel32

GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
CloseHandle
lstrlenA
GetModuleHandleA
GetStringTypeExA
GetThreadLocale
lstrcmpA
ReadFile
GetFileSize
CreateFileA
VirtualQuery
Sleep
SystemTimeToFileTime
GetCurrentProcessId
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
OpenProcess
MapViewOfFileEx
VirtualFree
IsBadReadPtr
GetLastError
GetFileTime
GetVolumeInformationA
OpenFileMappingW
lstrlenW
GetComputerNameA
GetProcAddress
LoadLibraryA
FreeLibrary
GetSystemTime
GetModuleFileNameA
lstrcpynA
MoveFileExA
GetTickCount
GetVersionExA
FreeLibraryAndExitThread
CreateThread
CreateEventA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetEnvironmentStringsW
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapFree
HeapSetInformation
HeapCreate
HeapAlloc
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
RaiseException
RtlPcToFileHeader
HeapSize
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA

ole32

OleUninitialize
CoCreateInstance
OleInitialize
StringFromGUID2

wininet

HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetConnectA
InternetGetConnectedState
InternetCheckConnectionA
InternetReadFile
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcb200da8f786fe03d24c855f55d5ae1

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

advapi32

user32

kernel32

ole32

wininet

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 96KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 96KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB