708b270fca2b5ccc79a2869b1de57d06_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

708b270fca2b5ccc79a2869b1de57d06_JaffaCakes118
Size

111KB
MD5

708b270fca2b5ccc79a2869b1de57d06
SHA1

ad5816fdd96750aa1d66559544210e54bc9583f7
SHA256

d1a596ec9f6e9ac759b5f4bdc25b00119c3cd9ad67edbf6bc486ff572c032746
SHA512

513966a3fb54eea5977da064567603aaa9a237ce95687e37156182c27ffb51a7e5fc93fe45c17fc70092d0720622f06b6ca41c318c8c40c198af0042c48ef805
SSDEEP

1536:gVun1AZj7wPnNOJLMEJFtiL0wkej2qRyK6iiyHOLA54TA5SA:gVY1AgeXJA0Y2TthLA540

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
708b270fca2b5ccc79a2869b1de57d06_JaffaCakes118

Files

708b270fca2b5ccc79a2869b1de57d06_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b3b6e44ffa9ada34bd0ed1c6aec163b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlEscapeA
StrRChrA
wnsprintfA
StrStrIA
SHDeleteKeyA

shfolder

SHGetFolderPathA

wininet

InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
InternetGetConnectedState
InternetCloseHandle

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA
UuidFromStringA

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetVolumeInformationA
Sleep
CloseHandle
GetModuleFileNameA
lstrcmpiA
WaitForSingleObject
CreateMutexA
lstrcatA
LocalFree
VirtualAlloc
VirtualFree
GetLastError
GetModuleHandleA
GetCurrentProcess
GetCurrentThread
GetVersionExA
ReleaseMutex
OpenMutexA
lstrlenA
HeapAlloc
GetProcessHeap
HeapFree
MultiByteToWideChar
DeleteCriticalSection
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InitializeCriticalSection
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
WideCharToMultiByte
HeapDestroy
HeapReAlloc
HeapSize
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
lstrcpyA
OutputDebugStringA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
CreateThread
IsValidCodePage
GetOEMCP
GetACP
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetModuleHandleW
GetCurrentThreadId
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue

user32

wsprintfA
SetWindowPos

advapi32

RegFlushKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
GetTokenInformation
DuplicateTokenEx
GetLengthSid
SetTokenInformation
SetThreadToken
RegSetValueExA
SetSecurityInfo
ConvertStringSidToSidA
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
OpenProcessToken

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
a
b

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b6e44ffa9ada34bd0ed1c6aec163b1

Headers

File Characteristics

Imports

shlwapi

shfolder

wininet

rpcrt4

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 9KB - Virtual size: 9KB