6f4f2822571890338cc755ad2e39643f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6f4f2822571890338cc755ad2e39643f_JaffaCakes118
Size

188KB
MD5

6f4f2822571890338cc755ad2e39643f
SHA1

924cb10e70dd295146d7bfb7f9ba860efd2e1cb4
SHA256

fc7721469a6bc1f6c219eae75d0e17c62b71307c0b1c2aa787f125d638bc227d
SHA512

1e4db62af692f93c898464feb97c9b88be02c4dcc58a284edbc5e8c103e7f606d3f650e7cdd980b0d529293e475741898b63a4d2932ca29a43a8a7674051fcf6
SSDEEP

3072:89/46JCA3nzQfNuK29Jrwpw09iIfG0Y2qIRh565JWAUlHZNl0M/mrY+:8t46JCEzUP29FgH5LbIrGZ3h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f4f2822571890338cc755ad2e39643f_JaffaCakes118

Files

6f4f2822571890338cc755ad2e39643f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1ec7820617d9c388a90e3888a4754722

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

Netbios

iphlpapi

GetAdaptersInfo

kernel32

LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
WritePrivateProfileStringA
GlobalFlags
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetLocalTime
GetTimeZoneInformation
HeapReAlloc
GetCommandLineA
ExitProcess
TerminateProcess
GetFullPathNameA
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
CreateFileA
WriteFile
CloseHandle
GetFileAttributesA
FindFirstFileA
FindClose
GetModuleHandleA
LoadLibraryExA
FreeLibrary
IsDBCSLeadByte
lstrcatA
lstrcpyA
lstrcpynA
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetSystemDirectoryA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
CreateProcessA
DeleteFileA
GetComputerNameA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
GetClassInfoExA
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextExA
TabbedTextOutA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextA
GetClassNameA
GetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
wsprintfA
GetSystemMetrics
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
CallNextHookEx
GetMessageA
DestroyMenu
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageA
SetCursor
PostMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharNextA
UnregisterClassA
CharUpperA
DrawTextA

gdi32

GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
CreateBitmap
GetDeviceCaps
PtVisible
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

comctl32

ord17

shlwapi

SHDeleteKeyA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
SHDeleteValueA
PathIsUNCA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoTaskMemRealloc

oleaut32

VariantChangeType
VariantClear
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SysStringLen
VariantInit

wininet

InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile
InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ec7820617d9c388a90e3888a4754722

Headers

File Characteristics

Imports

netapi32

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 20KB - Virtual size: 16KB