709bb1cdc085289003af83ec57cf86cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

709bb1cdc085289003af83ec57cf86cc_JaffaCakes118
Size

248KB
MD5

709bb1cdc085289003af83ec57cf86cc
SHA1

6ad17ec3d5d7f645b55e9d8fa5d0eb541269fc8d
SHA256

c9757c8251d45220ef703e4ba0a05557031c17da41766c7b256b0933da041b48
SHA512

c75626c6f55e491d2296429d7159bb2c0361e4525a8aff9a92548fc7502c4eb4877cb6e7e3c3498a4f076c9be02a95dcf74ffe419fe968fa2ef52cb0d970fd50
SSDEEP

6144:W6Iuuz177uTl4VZV4emQFE4fOzVN91J5:/IuM17i5U3/fO79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
709bb1cdc085289003af83ec57cf86cc_JaffaCakes118

Files

709bb1cdc085289003af83ec57cf86cc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a97d0bef4c816ec771ae110bf8f92ea4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
lstrcatA
MapViewOfFile
CreateFileMappingA
GetCurrentThreadId
GetCurrentProcessId
GetTickCount
GetSystemDefaultLangID
GetVersion
lstrcmpA
GetSystemDirectoryA
GetVersionExA
ReadFile
GetProcAddress
CreateFileA
SetFilePointer
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
WriteFile
CloseHandle
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
lstrlenW
MultiByteToWideChar
GetShortPathNameA
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection
WideCharToMultiByte
lstrlenA
GetModuleHandleA
GetPrivateProfileStringA
lstrcpyA
GetPrivateProfileIntA
GetModuleFileNameA
SetEndOfFile
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
LCMapStringW
LCMapStringA
ExitProcess
GetOEMCP
GetACP
GetCPInfo
GetCommandLineA
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree

user32

wsprintfA
CharNextA
GetClassNameA
ReleaseDC
DestroyMenu
DestroyIcon
PostMessageA
TrackPopupMenu
SetForegroundWindow
AppendMenuA
LoadImageA
wvsprintfA
SendMessageTimeoutA
FindWindowExW
IsWindowVisible
GetDC
DrawIconEx
GetCursorPos
SetTimer
KillTimer
GetWindowLongA
DefWindowProcA
GetForegroundWindow
RegisterWindowMessageA
EnumChildWindows
RegisterClassA
CreateWindowExA
SetWindowLongA
GetFocus
MessageBoxA
FindWindowA
IsWindow
SendMessageA
CreatePopupMenu
GetSysColor

gdi32

CreateFontIndirectA
Rectangle
TextOutW
SetBkMode
ExtTextOutW
ExtTextOutA
SetTextColor
SetBkColor
SelectObject
GetTextExtentPoint32W
GetTextExtentPoint32A
DeleteObject
CreateDCA
TextOutA
DeleteDC
EnumFontFamiliesA

advapi32

RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromIID
CLSIDFromString
CoUninitialize
CoInitialize
CoGetMalloc
CoCreateInstance

oleaut32

SysAllocStringLen
VarUI4FromStr
SysFreeString
LoadTypeLi
VariantCopy
VariantChangeType
VariantClear
VariantInit
SysStringLen
LoadRegTypeLi
RegisterTypeLi
SysAllocString

winmm

PlaySoundA

shlwapi

StrToIntA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a97d0bef4c816ec771ae110bf8f92ea4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

winmm

shlwapi

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 38KB

.rsrc Size: 128KB - Virtual size: 127KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 38KB

.rsrc
Size: 128KB - Virtual size: 127KB

.reloc
Size: 8KB - Virtual size: 6KB