72dc755db3ce78e8636f3dd19fb600ec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72dc755db3ce78e8636f3dd19fb600ec_JaffaCakes118
Size

120KB
MD5

72dc755db3ce78e8636f3dd19fb600ec
SHA1

9f865d71a5e66e99caa5adec40a2f165dbd84340
SHA256

9209cf18d0e128f0c5d099e597cfcea3a4768d98ffca9f7958de3df58b7ea164
SHA512

c08abf632401b7666bf71a59359cb9a3eb67e0320a94800b52715b49cef7c77d3990aea6a5e58030061dc87ca1ef8f373900db2001163e92140a1fdb5a07cd42
SSDEEP

3072:WCMFL3JEwlAwUj2mYkGBEBIpFy3E6f1uXmr71:kOwlGWgaF2X1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72dc755db3ce78e8636f3dd19fb600ec_JaffaCakes118

Files

72dc755db3ce78e8636f3dd19fb600ec_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3742e3b216917372fabe073545179c05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
CreateProcessA
InterlockedExchange
CreateFileMappingA
GetProcAddress
GetModuleHandleA
LocalFree
InterlockedIncrement
GetSystemTimeAsFileTime
LoadLibraryA
CloseHandle
CreateFileA
GlobalAlloc
MoveFileA
ReleaseMutex
CopyFileA
GetCurrentProcessId
EnterCriticalSection
InterlockedDecrement
GetProcessHeap
UnmapViewOfFile
VirtualQuery
VirtualProtect
CreateMutexA
InitializeCriticalSection
WriteFile
WaitForSingleObject
HeapFree
FindFirstFileA
Beep
GetEnvironmentVariableW
CompareStringA
FindFirstChangeNotificationA
CreateConsoleScreenBuffer
UnlockFileEx
GetSystemTime
WideCharToMultiByte
GetSystemDirectoryW
OpenEventA
UnlockFile
IsBadStringPtrA
FileTimeToSystemTime
GetNumberFormatW
GetSystemTimeAdjustment
ExitThread
ReadProcessMemory
lstrlenA
GetLocaleInfoW
TerminateJobObject
SetConsoleTextAttribute
IsWow64Process
CreateIoCompletionPort
RegisterWaitForSingleObject
CreateSemaphoreA
HeapWalk
GetEnvironmentStrings
FindResourceExW
PeekConsoleInputW
DosDateTimeToFileTime
FreeConsole
FindFirstFileExW
LocalSize
GetUserDefaultUILanguage
GlobalAddAtomW
RemoveDirectoryW
SetDefaultCommConfigW
LCMapStringA
ClearCommError
IsValidLanguageGroup
CreateMailslotA
GetDateFormatA
GetBinaryTypeA
FindVolumeClose
OpenMutexA
FlushConsoleInputBuffer
SetVolumeLabelW
VerifyVersionInfoA
GetUserDefaultLangID
GetModuleHandleExW
GetProfileIntW
ReadConsoleW
GetExitCodeProcess
ResumeThread
FindNextVolumeMountPointW
GetStringTypeExA
UnregisterWaitEx
FindResourceA
HeapUnlock
HeapDestroy
FormatMessageW
SetConsoleScreenBufferSize
GetSystemInfo
GetHandleInformation
lstrcatW
CreateWaitableTimerA
BindIoCompletionCallback
GetTapeParameters
GetCurrentDirectoryW
AddAtomA
SetComputerNameA
GetFileAttributesW
GlobalFlags
VirtualAlloc
ReadFileEx
GetFileTime
FindResourceW
WaitForMultipleObjects
GetConsoleMode
GetVersion
GetFileAttributesExA
FindCloseChangeNotification
VerLanguageNameW
HeapReAlloc
GetModuleFileNameW
GetShortPathNameA
GlobalFindAtomW
CancelWaitableTimer
GetDateFormatW
GetWindowsDirectoryA
FindFirstVolumeMountPointW
DisconnectNamedPipe
lstrcpyA
GetLogicalDriveStringsW
OpenFile
DeviceIoControl
GetEnvironmentStringsW
EnumUILanguagesW
GlobalHandle
MoveFileExW
GetStartupInfoA
GetLongPathNameW
WaitNamedPipeW
SuspendThread
ConvertDefaultLocale
InterlockedCompareExchange
GetComputerNameW
GetStringTypeW

ole32

CoInitialize
CoTaskMemAlloc
OleCreate
CoTaskMemFree
CoCreateInstanceEx
CoCreateGuid
CoUnmarshalInterface
CoFreeUnusedLibraries
MkParseDisplayName
StgIsStorageFile
CoInitializeEx
CreateItemMoniker
OleIsRunning
CoAllowSetForegroundWindow
CoSwitchCallContext
CoDisconnectObject
CoRegisterMessageFilter
OleCreateLink
OleLoadFromStream
OleLockRunning
CoEnableCallCancellation
CoQueryProxyBlanket
PropVariantClear
OleTranslateAccelerator
GetHGlobalFromILockBytes
CoCreateFreeThreadedMarshaler
StgOpenStorage
OleInitialize
CreateBindCtx
StringFromGUID2
OleCreateLinkToFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3742e3b216917372fabe073545179c05

Headers

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB