86dc75fe44dc750cdc25e0455ce6fd08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86dc75fe44dc750cdc25e0455ce6fd08_JaffaCakes118
Size

2.8MB
MD5

86dc75fe44dc750cdc25e0455ce6fd08
SHA1

c35e738164bc93cf7394d94621f8e26b11d9e5c9
SHA256

0667ec78d5abb20faee0a463dc787c202036991f57f8589bd580f545c53238a7
SHA512

f71572e450988381ea0ff79ef36bc26cc052115b5e1e09100a5963a0fb3c187f6279c8338996b409f94588081b9ff338961cfbbf5d1062eac0e38e69c6e28abb
SSDEEP

49152:oG83NfDtF9E0COwMd+IIcsUqPeyYnIfVUI1r7D4Ldbd0feX3A4uVNxBPJXxhssu:s3nF9E0CBMd+ITsUYvVl7DUZjn8VNnJi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86dc75fe44dc750cdc25e0455ce6fd08_JaffaCakes118

Files

86dc75fe44dc750cdc25e0455ce6fd08_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2ec255eb00eea3df14b2159a6e220aa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstChangeNotificationA
FlushFileBuffers
HeapValidate
SetVolumeLabelA
GetSystemDirectoryW
OpenEventW
LockFileEx
VirtualAlloc
FindFirstFileExW
GlobalHandle
GetDateFormatW
TransactNamedPipe
IsBadReadPtr
DeleteFileA
FindFirstFileA
FindNextVolumeW
CreateMutexA
GetTempPathA
GlobalFindAtomW
FindVolumeMountPointClose
GetQueuedCompletionStatus
GetCommandLineA
FindAtomA
CreateIoCompletionPort
GetAtomNameA
GetProfileSectionA
GetFileSizeEx
GetFileAttributesW
LockFile
GlobalFindAtomA
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
SetComputerNameA
DnsHostnameToComputerNameW
RemoveDirectoryA
GetOverlappedResult
IsWow64Process
SearchPathW
CompareFileTime
MapViewOfFile
ChangeTimerQueueTimer
GetTapeParameters
GetThreadTimes
GetProcessAffinityMask
lstrcmpiW
SetMailslotInfo
GlobalAddAtomA
GetFileAttributesExW
GetVersionExW
GetVersion
GetProcessVersion
SetCommState
GetProcAddress
LoadLibraryA
GetNumberFormatW

ole32

CoMarshalInterThreadInterfaceInStream
OleLockRunning
StringFromIID
DoDragDrop
StgOpenStorage
OleCreateStaticFromData
CoInitialize
OleSetMenuDescriptor
FreePropVariantArray
CoAddRefServerProcess
CreateOleAdviseHolder
OleQueryLinkFromData
OleCreate
CoDisableCallCancellation
CoGetClassObject
OleGetAutoConvert
CoRevertToSelf

user32

LoadCursorW
DefDlgProcA
GetUserObjectInformationA
GetDlgCtrlID
TabbedTextOutW
HideCaret
SetActiveWindow
MsgWaitForMultipleObjectsEx
LoadBitmapA
GetDlgItemTextW
GetNextDlgTabItem
CheckRadioButton
IsZoomed
OpenDesktopW
UnhookWindowsHook
GetWindowWord
MessageBoxA
BeginDeferWindowPos
PeekMessageW
DefMDIChildProcA
DrawEdge
MonitorFromRect
GetQueueStatus
GetScrollBarInfo
SetScrollPos
FindWindowA
GetClassNameA
DrawAnimatedRects
IsDialogMessageW
IsWindow
SetCapture
EnableScrollBar
DeferWindowPos
OpenDesktopA
ChangeDisplaySettingsA
GetMessageA
GetMenuItemInfoA
GetMenuState
LoadStringW
TrackMouseEvent
SendMessageW
GrayStringW
CopyAcceleratorTableA
MonitorFromWindow
SetMenu
GetDesktopWindow
SetWindowTextA

oleaut32

SysAllocStringLen
SysStringLen

shlwapi

PathIsFileSpecW
SHRegGetValueW
PathFindExtensionW
AssocCreate
StrChrIW
PathAppendA
SHSetValueW

advapi32

RegConnectRegistryA
RegSetValueExW
QueryServiceLockStatusW
RegConnectRegistryW
CredReadDomainCredentialsW
OpenServiceW
RegSaveKeyW
GetServiceDisplayNameW
ObjectCloseAuditAlarmW
RegLoadKeyA

shell32

ExtractIconA
SHFormatDrive
SHGetSpecialFolderLocation
SHChangeNotify
ShellAboutW
SHPathPrepareForWriteW
SHCreateShellItem
ShellExecuteW

gdi32

StretchDIBits
RectVisible
SetTextColor
SetStretchBltMode
GetClipRgn
AnimatePalette
GetNearestPaletteIndex
OffsetRgn
StartPage
DPtoLP
Pie
CreatePenIndirect
GetTextCharacterExtra
SetROP2
CreateEnhMetaFileW
EndPath
SetLayout
GetNearestColor
CloseMetaFile
CreateMetaFileA
SetArcDirection
SetPixelV
SwapBuffers
CreatePalette

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1012KB - Virtual size: 1008KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ec255eb00eea3df14b2159a6e220aa9

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 1012KB - Virtual size: 1008KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 72KB - Virtual size: 69KB

.text
Size: 1012KB - Virtual size: 1008KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 72KB - Virtual size: 69KB