78c07b15b1678b29056ce20856881eda_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

78c07b15b1678b29056ce20856881eda_JaffaCakes118
Size

128KB
MD5

78c07b15b1678b29056ce20856881eda
SHA1

405e867f49286c3750d54a8f99836e0fb3f3f086
SHA256

f175ce8da7e835f80d447ce3621e1b2e5f2eb58065e6291a9ec6b6769bef6e14
SHA512

29e34af0512fef8701c5ab0b1ad7e718f1637324cf36e1a36f0c4ce6c01dcef04565510663be49b7bb44d0ae363e1c6f0a44717e195209b8a9413dd470537238
SSDEEP

3072:ECfE8s8jeYluqiF5Eoh3Nh9pEO6fSJAcrdc+g8UVUQi:ECi8j/gqif3n9pEoJFrdc+g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78c07b15b1678b29056ce20856881eda_JaffaCakes118

Files

78c07b15b1678b29056ce20856881eda_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1807f95e3d540dfecea705788845138d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
CreateProcessA
CloseHandle
GetModuleHandleA
GetComputerNameA
GlobalAlloc
WaitForSingleObject
VirtualProtect
GetModuleFileNameA
GetCurrentProcessId
ReleaseMutex
HeapFree
LocalFree
InitializeCriticalSection
EnterCriticalSection
CreateFileMappingA
CreateFileA
LoadLibraryA
HeapAlloc
UnmapViewOfFile
CreateDirectoryA
InterlockedDecrement
GetProcAddress
VirtualQuery
MapViewOfFile
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
CreateMutexA
FindAtomW
SearchPathW
GetCurrentThreadId
CreateEventW
ConvertDefaultLocale
SearchPathA
IsBadStringPtrW
RtlUnwind
GetProfileIntA
GlobalMemoryStatusEx
WaitForSingleObjectEx
GetSystemDefaultUILanguage
HeapCreate
lstrcatW
GetStringTypeExA
ResetEvent
WriteConsoleInputA
HeapLock
SwitchToThread
CreateNamedPipeW
RtlMoveMemory
GetDiskFreeSpaceW
ReadConsoleW
GetConsoleScreenBufferInfo
Beep
GetUserDefaultUILanguage
GetUserDefaultLCID
GetTempPathW
DosDateTimeToFileTime
SetNamedPipeHandleState
GetStringTypeW
GetSystemWow64DirectoryW
OpenMutexA
QueueUserWorkItem
CreateJobObjectW
GetLongPathNameW
ClearCommError
SetHandleInformation
SetConsoleCtrlHandler
GlobalAddAtomW
LocalAlloc
WriteConsoleA
FlushFileBuffers
GetDiskFreeSpaceA
ReadFileEx
DeleteCriticalSection
IsBadWritePtr
CreateWaitableTimerA
LocalSize
FindVolumeMountPointClose
GetSystemTime
GlobalDeleteAtom
MoveFileExA
ReadConsoleInputW
LockFileEx
FreeEnvironmentStringsW
CancelIo
OpenSemaphoreW
OpenProcess
FreeLibraryAndExitThread
UnlockFileEx
SetFilePointer
SystemTimeToFileTime
GetEnvironmentVariableW
GetCurrentThread
GetThreadTimes
RegisterWaitForSingleObject
SleepEx
CreateMailslotA
GetWindowsDirectoryA
FormatMessageA
FindFirstVolumeMountPointW
GetExitCodeThread
AreFileApisANSI
WaitNamedPipeW
GlobalGetAtomNameA
SetFileAttributesA
LocalFlags
IsValidLanguageGroup
LockResource
GetStdHandle
OpenFileMappingA
GetVolumeInformationA
GetLogicalDriveStringsW
IsWow64Process
lstrcmpiW
SetEnvironmentVariableW
OpenFile
FindFirstChangeNotificationA
GetComputerNameW
LockFile
WriteProcessMemory
GetDiskFreeSpaceExW
GetProcessVersion
CompareStringA
EscapeCommFunction
FindFirstFileA
GetAtomNameW
SetStdHandle
GetCommandLineW
GetSystemTimeAdjustment
VerLanguageNameW
WriteProfileStringA
CreateTimerQueueTimer
SetComputerNameA
DeleteFileW
WriteProfileStringW
GetFileTime
AssignProcessToJobObject
MoveFileW
FindResourceExW
TryEnterCriticalSection
DisconnectNamedPipe
GetFileSize
QueueUserAPC

ole32

RevokeDragDrop
GetRunningObjectTable
CoGetMalloc
OleSaveToStream
OleCreateLink
OleTranslateAccelerator
OleCreateLinkFromData
OleLoad
StringFromGUID2
CoInitializeEx
OleRegGetMiscStatus
CoFreeUnusedLibrariesEx
CoCreateInstanceEx
CoGetCallContext
CoQueryProxyBlanket
OleLockRunning
CreateDataCache
CreateItemMoniker
CoUninitialize
CoTaskMemAlloc
OleSetContainedObject
CoInitialize
CoSwitchCallContext

user32

WaitMessage
CreateCursor
GetDC
UnionRect
IsDialogMessageA
SetWindowsHookExA
RegisterClassExA
GetWindowLongA
UnhookWindowsHookEx
SendMessageA
GetWindowThreadProcessId
DispatchMessageA
CreateWindowExA
DefWindowProcA
GetClientRect
GetMessageA
SetWindowLongA
InSendMessageEx
SetCursor
TranslateMessage
CallWindowProcA
GetInputState
CharNextW
EndDialog
GetDlgItemTextW
AdjustWindowRectEx
MapDialogRect
OpenWindowStationW
NotifyWinEvent
OpenDesktopW
MonitorFromWindow
FindWindowW
ShowCursor
CreatePopupMenu
IsChild
RedrawWindow
EndDeferWindowPos
GetWindowTextA
SetWindowRgn
GetWindowTextLengthW
SendMessageTimeoutA
DialogBoxIndirectParamW
CharToOemA
InSendMessage
InvertRect
DestroyMenu
LoadBitmapW
OpenWindowStationA
GetSysColor
DefFrameProcW
GetAsyncKeyState
GetScrollRange
CheckRadioButton
CharLowerBuffA
WinHelpW
DestroyCaret
EqualRect
DispatchMessageW
SwitchToThisWindow
DeleteMenu
FindWindowExW
SetWindowWord
DrawTextExW
GetWindowInfo
BeginDeferWindowPos
SetMenuItemBitmaps
SubtractRect
GetUserObjectInformationA
IsCharAlphaNumericA
GetUpdateRect
GetClassNameW
LoadImageA
RegisterWindowMessageW
ScrollDC
PostThreadMessageA
wvsprintfA
CreateAcceleratorTableW
AdjustWindowRect
GetDlgCtrlID
DeferWindowPos
GetNextDlgTabItem
PackDDElParam
GetCapture
ScreenToClient
CharPrevW
GetMenuStringW
ReuseDDElParam
AllowSetForegroundWindow
SetMenuItemInfoA
GetMessageW
GetMenuItemCount
SetProcessDefaultLayout
DefWindowProcW
ReplyMessage
IsMenu
EnumWindows
TabbedTextOutA
SendNotifyMessageA
IsWindowVisible
ReleaseDC
GetCaretPos
VkKeyScanW
TrackPopupMenuEx
LockWindowUpdate
MessageBoxExW
SetForegroundWindow
CopyRect
DrawEdge
ChildWindowFromPointEx
EnumDisplaySettingsA
GetMenuDefaultItem
ChangeDisplaySettingsA
SetDlgItemInt
GetShellWindow
SetDlgItemTextA
LoadCursorA
UnregisterClassA
SetMenuItemInfoW
EndTask
GetScrollBarInfo
GetCursorPos
SetScrollInfo
CharLowerA
DestroyIcon
ShowScrollBar
KillTimer
wsprintfA
OemToCharA
EnumDisplaySettingsW
SendDlgItemMessageA
CharLowerBuffW
GetMenuItemInfoA
GetClassLongW
GetMenuItemID
LoadImageW
GetWindowTextLengthA
GrayStringA
GetMenu

shell32

ShellExecuteW
SHChangeNotify
SHGetInstanceExplorer
ShellAboutA
SHCreateShellItem
SHGetDesktopFolder
SHBrowseForFolderW
ExtractIconExW
ExtractIconW
SHBindToParent
SHGetSettings
SHGetMalloc
ShellExecuteExA
DragAcceptFiles
SHGetSpecialFolderPathW
SHGetFolderPathAndSubDirW
SHFileOperationA
SHGetFolderPathA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1807f95e3d540dfecea705788845138d

Headers

File Characteristics

Imports

kernel32

ole32

user32

shell32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB