7702b847ec1001b0b01c9138b041a313_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7702b847ec1001b0b01c9138b041a313_JaffaCakes118
Size

144KB
MD5

7702b847ec1001b0b01c9138b041a313
SHA1

4e7ae06200f942418137adec052914e855344318
SHA256

6f98cae78666b8546ef3c8c23af7f84d1f54efa40e3f7947b03779b06f9440c9
SHA512

c0c65817cbd47a039bba070096f2348112fefdd96f7167cc7e4dbe195b62905ea1c8aeaf489822380e2b4f45290281c5c706ad00ab04f29924936025f1397187
SSDEEP

1536:FmNCk+oH1XA17zq4EgQ6xRvvtB8WTBAau3hzEFtiTICS4AFZJydY+vvqLaK9ZXiK:FDohA17et8Rvv4W4h4thNJydY+HtHuJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7702b847ec1001b0b01c9138b041a313_JaffaCakes118

Files

7702b847ec1001b0b01c9138b041a313_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

317f463365affbc0280c0bb0c9c3ec1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

msvcrt

_stricmp
toupper
strtok
printf
strstr
islower
wcslen
?what@exception@@UBEPBDXZ
wcscmp
ispunct
tolower
isgraph
wctomb
__mb_cur_max
isxdigit
free
malloc
strncpy
isspace
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException
strchr
??3@YAXPAX@Z
??2@YAPAXI@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
srand
atoi
tmpnam
fopen
fwrite
fclose
isupper
strerror
isalnum
isalpha

winmm

timeGetTime

netapi32

Netbios

oleaut32

SysAllocString
GetErrorInfo
VariantClear
SysFreeString

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetOpenUrlA

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid

user32

OpenClipboard
CloseClipboard
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
wsprintfA
DefWindowProcA
SetWindowPos
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
KillTimer
SystemParametersInfoA

advapi32

CryptReleaseContext
CryptAcquireContextA
RegCloseKey
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptGenRandom

rpcrt4

UuidToStringA

kernel32

Sleep
GetModuleFileNameA
lstrcpyA
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
VirtualAllocEx
GetProcAddress
WriteProcessMemory
CreateRemoteThread
FreeLibrary
GetWindowsDirectoryA
CreateFileA
FormatMessageA
LocalFree
lstrcmpiA
SetLastError
GetLastError
GetProcessHeap
HeapAlloc
HeapSize
GetVersion
lstrlenA
HeapFree
SleepEx
OpenProcess
CloseHandle
GetLocalTime
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
lstrcmpA
GetSystemDirectoryA
GetThreadTimes
GetCurrentThread
GetCurrentProcessId
GetCurrentDirectoryA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
GetFullPathNameA
GetSystemInfo
GetCurrentProcess
MultiByteToWideChar
GetProcessTimes
lstrcpynA
InterlockedExchange
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

317f463365affbc0280c0bb0c9c3ec1a

Headers

File Characteristics

Imports

version

psapi

msvcrt

winmm

netapi32

oleaut32

shlwapi

wininet

ole32

user32

advapi32

rpcrt4

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 23KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 23KB

.reloc
Size: 8KB - Virtual size: 6KB