84911c6fb4a0c142cba45f24f7d562ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84911c6fb4a0c142cba45f24f7d562ff_JaffaCakes118
Size

136KB
MD5

84911c6fb4a0c142cba45f24f7d562ff
SHA1

cfd3cc7c6ecefb9bacf9cc090c38d32d8dad08a1
SHA256

dabcafcc4cd8efa41b175a65b3928f96628aa18d9e113d1139e354a3ac9d4c63
SHA512

62d59c30cc64d007ad327d133ff3bd961d23f41e6b37e5e616b251e26f31862fb5eb8c0d3285ced05860f5d5dad600dcb5ae6b072aea0b409de80bc1d51356f2
SSDEEP

3072:nA/a2Ouy2tgQxFiegdewMNiz7g5qZIf50oOgUt:gTecLgdewMNKcRf5dUt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84911c6fb4a0c142cba45f24f7d562ff_JaffaCakes118

Files

84911c6fb4a0c142cba45f24f7d562ff_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

bc3a29ff43dd1ca9ca176dc61bc67020

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
ImmSetConversionStatus
ImmNotifyIME

shlwapi

SHDeleteKeyA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile

kernel32

LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetVersion
TerminateProcess
OpenProcess
Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
GetSystemDirectoryA
WinExec
WriteFile
CreateFileA
WaitForSingleObject
GetConsoleCP
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
LCMapStringW
LCMapStringA
SetEndOfFile
Sleep
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
GetStdHandle
SetHandleCount
RtlUnwind
UnhandledExceptionFilter
ReadFile
GetFileAttributesA
SetFilePointer
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
IsBadWritePtr
VirtualAlloc
FatalAppExitA
ExitProcess
VirtualFree
InitializeCriticalSection
DisableThreadLibraryCalls
HeapCreate
GetCommandLineA
ExitThread
TlsSetValue
CreateThread
DeleteFileA
HeapReAlloc
HeapAlloc
HeapFree

user32

GetWindowThreadProcessId
DefWindowProcA
SetWindowLongA
GetWindowLongA
CallWindowProcA
CreateWindowExA
CharNextA
RegisterClassExA
wsprintfA
LoadCursorA
DestroyWindow
GetClassInfoExA
GetWindowTextA
GetFocus
SetWindowTextA
CallNextHookEx
GetClassNameA
EnumWindows
GetKeyState
EnumThreadWindows
IsWindow
FindWindowExA
SetWindowsHookExA
SendMessageA
MessageBoxA
GetDC
ReleaseDC

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

VarUI4FromStr
SysStringLen
VariantChangeType
SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi
VariantClear
SysAllocStringLen
VariantCopy
LoadRegTypeLi

gdi32

SetViewportOrgEx
SetWindowOrgEx
RestoreDC
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreateDCA
DeleteDC

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 766KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc3a29ff43dd1ca9ca176dc61bc67020

Headers

File Characteristics

Imports

imm32

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 766KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 766KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 7KB