8321116b8fed2c1f5d69ece1f99aedfc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8321116b8fed2c1f5d69ece1f99aedfc_JaffaCakes118
Size

208KB
MD5

8321116b8fed2c1f5d69ece1f99aedfc
SHA1

1a133ee533bb85bf33411b7ad7b4e1b985f487f4
SHA256

1ce1461aa31ee73531d60681d67bffe06c5d604b63eee9ed0b64e5dc5021129c
SHA512

a782fa186cce018436a4f5ee5afdedf486ae3039ac7cbfcf2e86ee227105cd41aaa79ff5eb5a01864da20973c952beb9430c7b9e2e4aeea2d87d3519becec065
SSDEEP

3072:iPv5Pwwc8zfSPHjcry31LNDW7y/16JHnJt1eXv7k6Z0Vy9Chi9Hn1Jy:i1dz6IrqA7y9qP1UB9VJy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8321116b8fed2c1f5d69ece1f99aedfc_JaffaCakes118

Files

8321116b8fed2c1f5d69ece1f99aedfc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1ca060e106ba8e3fd60e6a94af8351a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyA
RegFlushKey
RegQueryValueExA

gdi32

BitBlt
RealizePalette
SelectPalette
SelectObject
GetObjectA
CreateCompatibleDC
CreateFontIndirectA
GetStockObject
SetBkMode
SetTextColor
UpdateColors
CreateHalftonePalette
GetDeviceCaps
DeleteObject
DeleteDC
CreateRectRgnIndirect

kernel32

GetSystemInfo
GetVersionExA
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
HeapDestroy
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
MultiByteToWideChar
lstrlenA
lstrcatA
WideCharToMultiByte
lstrlenW
GetModuleFileNameA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcmpiA
CloseHandle
CreateProcessA
GetShortPathNameA
GetCurrentProcessId
GetDiskFreeSpaceExA
GetDriveTypeA
GetModuleHandleA
HeapAlloc
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcpynA
DisableThreadLibraryCalls
CreateMutexA
ReleaseMutex
WaitForSingleObject
CreateEventA
SetLastError
WaitForMultipleObjects
SetEvent
GetTickCount
lstrcmpA
CreateDirectoryA
GetExitCodeProcess
WriteFile
ReadFile
GetFileSize
CreateFileA
DeleteFileA
LockResource
CreateThread
DebugBreak
HeapReAlloc
HeapFree
FindClose
SetFileAttributesA
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
FlushFileBuffers
SearchPathA
SetFileTime
GetFileTime
SetFilePointer
SetThreadPriority
ResumeThread
WritePrivateProfileSectionA
GetPrivateProfileIntA
GetPrivateProfileStringA
ResetEvent
LocalFree
UnmapViewOfFile
MapViewOfFile
SizeofResource
WritePrivateProfileStringA
GetSystemDirectoryA
GetCurrentDirectoryA
GetFileAttributesA
GetCommandLineA
MoveFileA
GetWindowsDirectoryA
GlobalMemoryStatus
VirtualProtect
VirtualQuery
OpenFileMappingA
DuplicateHandle
CreateFileMappingA
IsDBCSLeadByte

ole32

CreateOleAdviseHolder
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoUninitialize
CoInitialize
CLSIDFromProgID
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CoFreeUnusedLibraries
CoCreateInstance

oleaut32

VariantChangeTypeEx
SysAllocStringLen
VariantInit
SysStringLen
LoadRegTypeLi
VariantClear
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

user32

EqualRect
IntersectRect
InvalidateRect
EndPaint
GetClientRect
BeginPaint
GetWindowRect
GetParent
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
SetFocus
KillTimer
PostQuitMessage
SetTimer
LoadImageA
MapWindowPoints
SendDlgItemMessageA
OffsetRect
CreateDialogParamA
SetForegroundWindow
EnableWindow
GetDlgItem
RedrawWindow
UpdateWindow
LoadStringA
ReleaseDC
GetDC
SetWindowTextA
GetSystemMetrics
SetCursor
EndDeferWindowPos
DeferWindowPos
GetWindowTextA
ScreenToClient
BeginDeferWindowPos
SetWindowRgn
SetWindowPos
GetFocus
IsChild
IsWindow
SendMessageA
GetWindowLongW
SetWindowLongW
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
CharNextA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
UnionRect
PtInRect
GetKeyState
DefWindowProcA
CallWindowProcW
DefWindowProcW
PeekMessageA
PostMessageA
GetWindowThreadProcessId
GetClassNameA
EnumWindows
GetKeyboardType
UnregisterClassA
DestroyWindow

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
SHGetPathFromIDListA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Update

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ca060e106ba8e3fd60e6a94af8351a1

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

user32

shell32

version

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 8KB - Virtual size: 5KB