70a13f7769275970614f859f8f2d1754_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

70a13f7769275970614f859f8f2d1754_JaffaCakes118
Size

176KB
MD5

70a13f7769275970614f859f8f2d1754
SHA1

c92c1c80e806d92995f934641b11fc916e3948be
SHA256

c1db5fb78d152cf70b27a2fb78674a5b51c6113cd831ca93b7427c6116323918
SHA512

9a291c034d154ab8a9560cbff3f1f081b1b789e308fa9f9c33ad0c5e680d927c772201765dfc4db3f9256c3e69b2d39203b926508669f8de4adacbad7c7cc406
SSDEEP

3072:QspK9jYuhOxuHPmz8xWRcenRPCU6g/d+XciJuUPAvvJkK7t:QspWYxW6ckRPCC+X5fPAvig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70a13f7769275970614f859f8f2d1754_JaffaCakes118

Files

70a13f7769275970614f859f8f2d1754_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

fc880a4050645067812947847930b586

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DispatchMessageA
OpenClipboard
CloseClipboard
SystemParametersInfoA
SetWindowPos
TranslateMessage
RegisterClassExA
DefWindowProcA
SetTimer
GetMessageA
ShowWindow
CreateWindowExA
KillTimer
wsprintfA
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA

wininet

InternetSetOptionA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

msvcrt

srand
toupper
strtok
fclose
fwrite
fopen
tmpnam
atoi
strtol
strstr
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
?what@exception@@UBEPBDXZ
wcslen
wcscmp
__mb_cur_max
wctomb
isupper
isalnum
strerror
isspace
isgraph
tolower
ispunct
strncpy
strchr
islower
printf
isxdigit
??2@YAPAXI@Z
??1exception@@UAE@XZ
??3@YAXPAX@Z
_CxxThrowException
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
malloc
free
isalpha

winmm

timeGetTime

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

advapi32

RegCloseKey
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegOpenKeyExA

rpcrt4

UuidToStringA

netapi32

Netbios

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoCreateInstance

kernel32

WriteProcessMemory
CreateRemoteThread
GetCurrentProcessId
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
CreateFileA
GetLocalTime
OpenProcess
CloseHandle
lstrcmpA
lstrcmpiA
lstrcpynA
VirtualAllocEx
GetProcessTimes
GetEnvironmentStrings
GetCurrentDirectoryA
LoadLibraryA
GetLastError
GetProcAddress
GetFullPathNameA
GetThreadTimes
Sleep
GetCurrentThread
SetLastError
QueryPerformanceFrequency
HeapSize
HeapAlloc
LocalFree
FormatMessageA
HeapFree
GetVersion
GetCurrentProcess
GetWindowsDirectoryA
GetProcessHeap
lstrcpyA
GetSystemDirectoryA
GetSystemInfo
GetModuleFileNameA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
GetTickCount
SleepEx
FreeLibrary
GetVersionExA
FreeEnvironmentStringsA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc880a4050645067812947847930b586

Headers

File Characteristics

Imports

user32

wininet

oleaut32

msvcrt

winmm

psapi

version

shlwapi

advapi32

rpcrt4

netapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 24KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 24KB

.reloc
Size: 12KB - Virtual size: 8KB