8a70cdc1c59193e88f90ba2e24900644_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a70cdc1c59193e88f90ba2e24900644_JaffaCakes118
Size

104KB
MD5

8a70cdc1c59193e88f90ba2e24900644
SHA1

3e8c5ec056e4cc009f25a8834d0313dea6f8723f
SHA256

14d4f3c34f698566c4fcfb01117ba02e3683857cba424add2f9d7461023740d5
SHA512

a77d0361113ccc173fa7e82f6a4fa458a0a31bf991304d43529fe9cf4329b75c12a3f33df058cea872b523989d11513b92e8a95732231d4e129283cdbdbcb75b
SSDEEP

1536:T34Ubed8RHXa2WaoSfPkCqKkN9YVNyKAejcvL3POnrJj2BE9D91c5duQGcXvPh:Q8NXa2WaoLCAkqzWrzV9IuQGcXvPh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a70cdc1c59193e88f90ba2e24900644_JaffaCakes118

Files

8a70cdc1c59193e88f90ba2e24900644_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0e702fe4faaada393cf1c5d0b991b3e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

kernel32

CreateMutexA
WaitForSingleObject
CreateProcessA
CloseHandle
DeleteFileA
ReleaseMutex
lstrlenW
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
WideCharToMultiByte
InterlockedExchange
GetACP
IsDBCSLeadByte
GetThreadLocale
GetVersionExA
FreeLibrary
LoadLibraryExA
lstrcatA
CreateFileA
WriteFile
GetTempPathA
GetTempFileNameA
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
SetFilePointer
VirtualQuery
lstrcpynA
lstrcmpiA
lstrcpyA
GetLastError
GetShortPathNameA
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
GetSystemInfo
VirtualProtect
RtlUnwind
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetTickCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
ExitProcess
RaiseException
GetOEMCP
GetCPInfo
TlsFree
SetLastError
TlsAlloc
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
QueryPerformanceCounter

user32

CharNextA

advapi32

RegDeleteValueA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryInfoKeyA

shell32

SHGetFileInfoA

ole32

CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoCreateGuid
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

UnRegisterTypeLi
RegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysStringLen
SysAllocStringLen
VarBstrCat
VarBstrCmp
VarUI4FromStr

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e702fe4faaada393cf1c5d0b991b3e6

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 6KB