8905debef4396342a7cecb70cacc21c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8905debef4396342a7cecb70cacc21c3_JaffaCakes118
Size

116KB
MD5

8905debef4396342a7cecb70cacc21c3
SHA1

925a9f2caeb16341d82fe1ac3ae4d43e528491ed
SHA256

1c7be1ba21f92ca38add808c8c1f1442b3391f96a71e3bfaed1ac7f190166a55
SHA512

ac8269109f734cd4779a322d7a157026b4e2af7ad2467cbb61cb7088c12032225dfc25c4fae74d15e2cd0d75749af0946a4899fff7ca8951946a0d0df895b98d
SSDEEP

3072:o+g71diQo+nT4Nt4zWBRsXmKFUbEsHgpyritTIgmO:VUdiQANe6sHDsHL+tTXmO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8905debef4396342a7cecb70cacc21c3_JaffaCakes118

Files

8905debef4396342a7cecb70cacc21c3_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

bf3cc500870aac4385eb740191cab4fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnlockFileEx
OpenEventA
CancelIo
PulseEvent
lstrcmpW
GetHandleInformation
GetFileSize
AddAtomA
lstrcmpA
HeapLock
LockFileEx
lstrlenW
GetFullPathNameW
ClearCommError
LocalFileTimeToFileTime
ReadConsoleInputW
LockFile
GlobalGetAtomNameA
GetStringTypeExA
FindFirstFileExW
FlushViewOfFile
FindFirstFileA
SleepEx
CreateProcessW
CreateFileMappingW
WriteFileEx
GlobalFindAtomW
WaitNamedPipeW
CopyFileW
GetUserDefaultLCID
GetDateFormatA
GetTempPathA
WriteConsoleW
OpenMutexW
FillConsoleOutputCharacterW
GetFileAttributesExW
LocalHandle
WaitForMultipleObjects
SetVolumeLabelW
GetCurrentDirectoryA
CompareFileTime
SetEvent
GetVersionExW
IsValidLanguageGroup
CreateMailslotA
GetSystemInfo
GetWindowsDirectoryW
HeapCreate
FindResourceW
VerifyVersionInfoW
lstrcpyW
SetComputerNameA
GetTapeParameters
HeapUnlock
FindAtomA
OpenThread
CreateJobObjectW
OpenFile
GetCurrentProcess
DuplicateHandle
SetEnvironmentVariableW
DeleteTimerQueueTimer
FindNextFileW
LocalFree
GetVolumeNameForVolumeMountPointW
HeapCompact
SetConsoleCursorPosition
CreateProcessA
GetModuleHandleA
CreateMutexA
VirtualQuery
EnterCriticalSection
InterlockedIncrement
CopyFileA
LoadLibraryA
Sleep
GetTickCount
InitializeCriticalSection
GetComputerNameA
GetProcAddress
LeaveCriticalSection
GetModuleFileNameA
CreateDirectoryA
ExpandEnvironmentStringsA
GlobalAlloc
HeapAlloc
ReadFile
CloseHandle
GetProcessHeap
WriteFile

user32

GetUpdateRect
ShowWindowAsync
ModifyMenuW
GetUpdateRgn
GetThreadDesktop
EnumChildWindows
GetScrollRange
GetScrollPos
LoadImageW
DefDlgProcA
GetTopWindow
EndTask
DialogBoxParamW
ChangeDisplaySettingsA
wvsprintfW
GetWindowTextA
RedrawWindow
NotifyWinEvent
CreateAcceleratorTableW
DestroyMenu
SetCaretPos
OpenWindowStationA
WindowFromPoint
SetClassLongA
IntersectRect
MsgWaitForMultipleObjectsEx
ToAsciiEx
GetDlgItemTextW
RemovePropA
PostThreadMessageA
TrackPopupMenuEx
GetMenuStringW
CharNextA
DrawFocusRect
SetPropW
wsprintfA
SetForegroundWindow
GetClassInfoW
InSendMessageEx
RegisterHotKey
GetParent
EndDialog
InvertRect
CopyAcceleratorTableA
CreateMenu
ReleaseCapture
GetMessageExtraInfo
FindWindowW
GetDlgItemInt
SetDlgItemInt
WaitMessage
EnableWindow
IsDialogMessageA
GetClassInfoExW
MessageBoxExW
SetProcessDefaultLayout
GetLastActivePopup
GetDlgItemTextA
GetWindowPlacement
GetDCEx
GrayStringW
wvsprintfA
VkKeyScanW
UnregisterClassW
GetMessageW
DestroyCursor
AllowSetForegroundWindow
FrameRect
DrawStateA
GetTabbedTextExtentA
DialogBoxIndirectParamW
CheckDlgButton
TabbedTextOutA
CreatePopupMenu
KillTimer
GetDlgCtrlID
SetDlgItemTextA
CloseDesktop
GetNextDlgTabItem
CharUpperBuffA
CharUpperW
GetSysColorBrush
UnregisterHotKey
LoadMenuA
ShowCursor
DefMDIChildProcA
DrawEdge
MapVirtualKeyW
PtInRect
GetWindow
SetMenuItemInfoA
IsCharAlphaW
SetThreadDesktop
GetCapture
ChildWindowFromPointEx
GetWindowThreadProcessId
GetWindowLongA
UnhookWindowsHookEx
FindWindowA
RegisterClassExA
GetClientRect
SetWindowsHookExA
SendMessageA
GetMessageA
GetClassNameA
DefWindowProcA
GetCaretPos

shlwapi

PathQuoteSpacesW
SHGetValueA
PathIsRelativeW
StrChrA
PathMatchSpecW
SHRegSetPathW
SHRegGetUSValueW
PathStripPathW
PathCombineW
UrlCanonicalizeW
PathAddBackslashA
PathAppendA
PathGetCharTypeA
AssocCreate
PathFindFileNameW
StrChrIW
StrCmpIW
SHDeleteKeyA
StrCmpNIW
StrStrIA
StrStrIW
UrlEscapeW
StrFormatByteSizeW
PathFindNextComponentW
PathFileExistsW
StrToIntW
StrToIntExW
SHDeleteKeyW
PathCanonicalizeW

advapi32

RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
LookupAccountNameA
RegQueryInfoKeyA
RegSetValueA
RegRestoreKeyW
SetEntriesInAclW
GetServiceKeyNameW
DuplicateTokenEx
ControlService
CreateServiceW
DeregisterEventSource
GetEffectiveRightsFromAclW
ClearEventLogW
RegSaveKeyExW
StartServiceW
GetNumberOfEventLogRecords
EnumServicesStatusW
ChangeServiceConfigA
EnumDependentServicesW
StartServiceCtrlDispatcherA
RegFlushKey
RegReplaceKeyW
CreateServiceA
ReadEventLogA
RegOpenKeyW
RegConnectRegistryW
CloseServiceHandle

gdi32

EqualRgn
PlayEnhMetaFileRecord
DeleteObject
CreateBitmapIndirect
FillRgn
EnumMetaFile
CreateDiscardableBitmap
ExtCreatePen
SetMagicColors
GetFontResourceInfoW
PaintRgn
ScaleWindowExtEx
CloseEnhMetaFile
PolyPolygon
CreateDCW
OffsetViewportOrgEx
GetBkMode
SetMapMode
GetTextCharset
CopyMetaFileA
GetPath
CreateHatchBrush
ExtEscape
SetWindowOrgEx
EnumFontsA
CreateMetaFileA
SetBkMode
GetTextColor
PolyBezier
GetCharWidthA
PlayMetaFileRecord
StartDocW
GetEnhMetaFileBits
CreateEllipticRgnIndirect
GetPaletteEntries
TextOutA
AbortDoc
SetBitmapDimensionEx
CreatePenIndirect
SetArcDirection
CreateICW
GetNearestPaletteIndex
GetTextExtentExPointA
GetTextMetricsW
FlattenPath
GetGlyphOutlineW
DeleteDC
GetCurrentObject
GetCharWidthW
SetTextColor
CreatePalette
GetObjectW
TextOutW
SetStretchBltMode
SetICMMode
EndDoc
GetSystemPaletteUse
GetCurrentPositionEx
SetAbortProc
PlayEnhMetaFile
SwapBuffers

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf3cc500870aac4385eb740191cab4fd

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB