74aabff12d332ff4dde897b9943bb7d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74aabff12d332ff4dde897b9943bb7d5_JaffaCakes118
Size

140KB
MD5

74aabff12d332ff4dde897b9943bb7d5
SHA1

fb97938644c79c325817a3f6bc57f12dd363e013
SHA256

4bbfcbf4b6129e8d4853196d69d7900d6b0afbf585fa6738081bad9dacf7ac4f
SHA512

713e235b870b13ad0ba37ac0dc9626b1f5e19b81627caf86dbbbadf736ecf3aaaa552ddb48619fa57b63b446ac53a9fc6396907f8eeb3c99e36edd3da1703762
SSDEEP

3072:kU5W72tjdPEZJ53MPzDAOrLJrc0Hc9fiONsA:kU5W7WPE8gOrxcoOB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74aabff12d332ff4dde897b9943bb7d5_JaffaCakes118

Files

74aabff12d332ff4dde897b9943bb7d5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

fc395a853ff314a70508fcd8c02b8f09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

GetErrorInfo
SysFreeString
VariantClear
SysAllocString

winmm

timeGetTime

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
tolower
isalnum
strstr
isgraph
isalpha
free
atoi
tmpnam
fopen
fwrite
fclose
toupper
strchr
wcscmp
?what@exception@@UBEPBDXZ
wcslen
ispunct
printf
strerror
isxdigit
isspace
__mb_cur_max
malloc
wctomb
srand
strncpy
islower
isupper
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
??2@YAPAXI@Z
strtok
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??3@YAXPAX@Z
_stricmp

user32

SetTimer
wsprintfA
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
SystemParametersInfoA
SetWindowPos
GetClassNameA
GetWindowThreadProcessId
DefWindowProcA
EnumWindows
OpenClipboard
CloseClipboard
KillTimer
EnumChildWindows

ole32

CoInitialize
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

wininet

InternetCloseHandle
InternetOpenA
InternetSetOptionA
HttpQueryInfoA
InternetOpenUrlA
InternetReadFile

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

rpcrt4

UuidToStringA

netapi32

Netbios

kernel32

GetCurrentProcessId
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
HeapSize
HeapAlloc
CreateFileA
HeapFree
GetLastError
lstrcpynA
GetFullPathNameA
GetModuleFileNameA
GetVersion
LocalFree
GetTickCount
GetThreadTimes
GetProcessHeap
OpenProcess
GetLocalTime
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrlenA
GetModuleHandleA
GetVersionExA
GetProcessTimes
GetCurrentProcess
MultiByteToWideChar
Sleep
lstrcmpiA
SetLastError
lstrcmpA
FreeLibrary
CreateRemoteThread
WriteProcessMemory
GetProcAddress
VirtualAllocEx
LoadLibraryA
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetEnvironmentVariableA
InterlockedExchange
GetSystemInfo
GetCurrentThread
FormatMessageA
SleepEx
lstrcpyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc395a853ff314a70508fcd8c02b8f09

Headers

File Characteristics

Imports

oleaut32

winmm

version

psapi

msvcrt

user32

ole32

shlwapi

wininet

advapi32

rpcrt4

netapi32

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 19KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 19KB

.reloc
Size: 8KB - Virtual size: 6KB