737bae2e766b9294a75e33040373936b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

737bae2e766b9294a75e33040373936b_JaffaCakes118
Size

112KB
MD5

737bae2e766b9294a75e33040373936b
SHA1

5ad3cbb0664da6ff9ccdd88c313094f02bf49d9d
SHA256

aaaeb15735a3f0749a3699266734360a05abc9f6ae163d273fd6d239724a8401
SHA512

670b5fa81aaeeefe2ae21d0724d1687144131944138ff6d782c08141f88b2883b95f175f399d91d1f8aa093ece1a078b98def828fc0c789b07a5794d4c2a5750
SSDEEP

3072:C684CBf9H30Sdh34cdxXqnZcqpfCyoxN:GB90SdhdxXKe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
737bae2e766b9294a75e33040373936b_JaffaCakes118

Files

737bae2e766b9294a75e33040373936b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

85963a46bbfaa18000a49d234531b5cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
LocalFree
VirtualProtect
GetProcAddress
Sleep
CreateMutexA
WaitForSingleObject
LoadLibraryA
GetTickCount
CloseHandle
VirtualQuery
DeleteFileA
CreateFileA
GlobalAlloc
InterlockedDecrement
MapViewOfFile
MoveFileA
EnterCriticalSection
WriteFile
CreateThread
CopyFileA
FindFirstFileExW
GetTapeParameters
HeapCompact
CreateProcessW
GetModuleFileNameW
DeleteTimerQueueEx
SetFileApisToOEM
GetModuleHandleW
EnumResourceNamesA
FindNextVolumeMountPointW
SetFilePointer
WaitNamedPipeW
GetVolumeInformationW
VerSetConditionMask
FindNextChangeNotification
CreateEventA
SetTimeZoneInformation
HeapLock
HeapCreate
GetSystemInfo
WaitForSingleObjectEx
GetFileTime
GetDiskFreeSpaceW
HeapValidate
GetTimeZoneInformation
CreateJobObjectW
lstrcatA
WriteConsoleInputA
FindFirstChangeNotificationA
WaitForMultipleObjectsEx
GetCurrentDirectoryW
HeapDestroy
SetConsoleTextAttribute
PostQueuedCompletionStatus
FindResourceExW
SetProcessShutdownParameters
SizeofResource
HeapReAlloc
FindFirstFileA
HeapSetInformation
WriteProcessMemory
VirtualUnlock
SetInformationJobObject
PeekNamedPipe
GetBinaryTypeA
GetStartupInfoA
FindCloseChangeNotification
GetLocaleInfoA
FlushConsoleInputBuffer
DeleteFileW
SetConsoleTitleA
DeleteCriticalSection
LocalLock
ProcessIdToSessionId
GetThreadLocale
GetSystemDefaultLangID
CreateNamedPipeW
SetLocalTime
GetVersionExW
GetSystemWow64DirectoryW
GetCommandLineW
SetFileAttributesA
AddAtomW
FindNextFileA
WriteProfileStringA
GetStringTypeW
GetEnvironmentVariableA
GetStdHandle
GetUserDefaultLangID
LocalSize
TerminateProcess
OpenEventA
EnumResourceLanguagesA
ReadConsoleInputA
WriteConsoleW
GetEnvironmentStrings
GetVolumePathNameW
IsBadReadPtr
VirtualQueryEx
GlobalGetAtomNameW
FlushViewOfFile
AddAtomA
FillConsoleOutputCharacterW
GetTempFileNameA
GetDriveTypeW
GetDateFormatW
SetEvent
GetVersionExA
SetVolumeLabelW
SetStdHandle
FormatMessageW
TerminateJobObject
MoveFileExW
CreateFileMappingW
VirtualFree
GetStartupInfoW
GetDiskFreeSpaceA
CreateNamedPipeA
GetConsoleOutputCP
GetCurrentThread
SetEndOfFile
ReadConsoleInputW
GetFileAttributesW

shell32

SHParseDisplayName
DragFinish
SHGetSpecialFolderLocation
SHCreateShellItem
SHAddToRecentDocs
SHGetSettings
ExtractIconW
ShellExecuteExA
SHGetDesktopFolder
SHBrowseForFolderA
SHFormatDrive
SHGetPathFromIDListA
SHGetPathFromIDListW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85963a46bbfaa18000a49d234531b5cd

Headers

File Characteristics

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB