6a0ab86d1ff5bda35391554412a1c7ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a0ab86d1ff5bda35391554412a1c7ca_JaffaCakes118
Size

136KB
MD5

6a0ab86d1ff5bda35391554412a1c7ca
SHA1

d166f0479846a01f53f7add13ce0e5171e268077
SHA256

bab1a35f5b84d4ab5aa1903734762e945130b29e06bfe29339e2b6ebafc29876
SHA512

7c576277fb44edf8f57d833ff0e2fd34c6a8dd08a78f1cc15051b88f3dc71a59bf55d601264e0a83fe297a578274926b9b6fcd543ae0f59a15de0b9398b44c6d
SSDEEP

1536:aczl2AwwUVg0UTki/4fxqfeErvO+DmTUzmwfnvf1FowMwhl:a62AtiPUQiwszKyRawfnlFowMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a0ab86d1ff5bda35391554412a1c7ca_JaffaCakes118

Files

6a0ab86d1ff5bda35391554412a1c7ca_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f9a4f02c8aa8ab6a6213704d03be08d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
GetCurrentProcess
lstrlenW
MultiByteToWideChar
GetShortPathNameA
FreeLibrary
SizeofResource
GetLastError
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
lstrcpyA
FlushInstructionCache
HeapDestroy
DeleteCriticalSection
lstrcatA
GetProcAddress
LoadLibraryA
SetLastError
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
InterlockedIncrement
GlobalLock
GlobalUnlock
DisableThreadLibraryCalls
InitializeCriticalSection
LoadLibraryExA
InterlockedDecrement
HeapFree
HeapAlloc
GetCPInfo
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
CloseHandle
LCMapStringW
LCMapStringA
ExitProcess
lstrlenA
TerminateProcess
HeapSize
TlsGetValue
SetEnvironmentVariableA
CompareStringW
CompareStringA
LocalFree
RtlUnwind
TlsSetValue
RaiseException
TlsAlloc
GetCommandLineA
GetLocalTime
GetVersion
GetTimeZoneInformation
TlsFree
HeapReAlloc
GetSystemTime
GetOEMCP
GetACP

user32

CreateWindowExA
GetWindowLongA
DefWindowProcA
DispatchMessageA
TranslateMessage
GetWindowTextA
LoadStringA
SetWindowTextA
SendMessageA
GetKeyState
GetWindowTextLengthA
GetClientRect
SetWindowLongA
ShowWindow
GetDlgItem
CharNextA
DestroyWindow
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
GetSubMenu
LoadMenuA
ReleaseDC
MessageBeep
FindWindowExA
GetWindow
GetFocus
MoveWindow
SetFocus
MapWindowPoints
TrackPopupMenu
DestroyMenu
GetDC
IsWindow
CallWindowProcA

gdi32

GetTextMetricsA
DeleteDC
GetStockObject
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
RegisterDragDrop
ReleaseStgMedium

oleaut32

VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysAllocStringByteLen
SysAllocString
SysStringByteLen
SysFreeString
VariantInit
VariantClear
DispCallFunc
LoadRegTypeLi
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a4f02c8aa8ab6a6213704d03be08d8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 8KB - Virtual size: 6KB