83c6ddd5761c1072ca0a35ea2c297714_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83c6ddd5761c1072ca0a35ea2c297714_JaffaCakes118
Size

232KB
MD5

83c6ddd5761c1072ca0a35ea2c297714
SHA1

9779c96a0e8fd81232b945a771a4b17314e42285
SHA256

e23886189777c1094df68f9d00adcc40040489862f201a2c51c753a340c309c2
SHA512

c03e5eb599e2746eb11a7447941cbea578cf94a4ccc01741c166979ac6540ec6b3e33a07a8d11366bae9d39373c125cc8df299a3cbfc14190c5e16bb73d0174e
SSDEEP

3072:GNNRLYhr/tVcF8Hapqa6uzJBeMowlADQC3StCzU9EJIkehwMn9dehCYztSnKCAc:UUr/HgvpqanaIlA04SORI0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83c6ddd5761c1072ca0a35ea2c297714_JaffaCakes118

Files

83c6ddd5761c1072ca0a35ea2c297714_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

c9e26f68a18289727f15bb092800d210

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
MultiByteToWideChar
lstrcatA
WideCharToMultiByte
lstrlenW
GetModuleFileNameA
GetShortPathNameA
GetModuleHandleA
SizeofResource
LoadResource
FindResourceA
LoadLibraryA
lstrcpyA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
CreateMutexA
CopyFileA
MoveFileA
DeleteFileA
CloseHandle
FreeLibrary
HeapDestroy
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
LoadLibraryExA
GetLastError
LocalFree
TerminateProcess
SetLastError
CreateDirectoryA
TlsGetValue
CompareStringA
LCMapStringA
SetEnvironmentVariableA
CompareStringW
GetStringTypeW
SetEndOfFile
ReadFile
GetOEMCP
GetStringTypeA
SetStdHandle
CreateFileA
GetACP
IsBadCodePtr
IsBadReadPtr
Sleep
InterlockedExchange
DisableThreadLibraryCalls
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCommandLineA
GetVersion
RaiseException
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
WriteFile
LCMapStringW
GetCurrentProcess
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FlushFileBuffers
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetFilePointer
SetUnhandledExceptionFilter
GetCPInfo

user32

wsprintfA
CharNextA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoDisconnectObject

oleaut32

GetErrorInfo
SysStringByteLen
VariantCopy
VariantInit
SysAllocStringByteLen
VariantChangeType
SysStringLen
VariantClear
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9e26f68a18289727f15bb092800d210

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 25KB

.rsrc Size: 104KB - Virtual size: 101KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 25KB

.rsrc
Size: 104KB - Virtual size: 101KB

.reloc
Size: 12KB - Virtual size: 8KB