8ce869925daa76d0c7dc1fbc3e8ad579_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8ce869925daa76d0c7dc1fbc3e8ad579_JaffaCakes118
Size

104KB
MD5

8ce869925daa76d0c7dc1fbc3e8ad579
SHA1

71d466930af0897d12968e74e6fc46c10db8e644
SHA256

17cd3fe1f94094ba7dc84c308446854d0c92dc5f015fe26402b30ed9888eb8a2
SHA512

188e96cb506bc199ddbcd15df0746154538d3aaf9497496d471511c1519f7577248566a67d6a0667ddc7c012cc7893e1f0c74e492dab01a96d114473ccdc7b77
SSDEEP

1536:qf/DgS7h6wP4HGysVZdaUWupEnkrURacTsv+veo8a91G1HvF+RFbsc6Z:qf/DgS7s9HDUWHoieo8aXcHvsRFbsc6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ce869925daa76d0c7dc1fbc3e8ad579_JaffaCakes118

Files

8ce869925daa76d0c7dc1fbc3e8ad579_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

fd875dd29e26073c5c18d5ec051043b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseMutex
InterlockedIncrement
CloseHandle
GetModuleFileNameA
MapViewOfFile
LocalFree
GetModuleHandleA
EnterCriticalSection
Sleep
InitializeCriticalSection
CreateProcessA
CreateDirectoryA
MoveFileA
DeleteFileA
CopyFileA
GetTickCount
InterlockedExchange
CreateFileMappingA
VirtualProtect
GetProcAddress
GetLastError
LoadLibraryA
CreateThread
CreateMutexA
GlobalGetAtomNameW
LocalAlloc
SetConsoleCtrlHandler
WaitNamedPipeW
GetThreadContext
LocalReAlloc
SetTimeZoneInformation
GetTempPathA
VirtualAllocEx
GetSystemWow64DirectoryW
AllocConsole
HeapUnlock
FormatMessageW
SetCurrentDirectoryA
GetSystemInfo
ReadProcessMemory
ConnectNamedPipe
PostQueuedCompletionStatus
SwitchToThread
SetEvent
FindNextVolumeMountPointW
IsValidCodePage
GetVolumeNameForVolumeMountPointW
GetVersion
SetEnvironmentVariableA
EnumResourceLanguagesA
CreateNamedPipeA
PeekConsoleInputA
FindVolumeClose
SetHandleInformation
FindResourceExA
GetTempPathW
SetHandleCount
GetFileAttributesExA
DeviceIoControl
OpenMutexW
FindFirstFileA
CreateTimerQueue
SetConsoleWindowInfo
GlobalAddAtomA
InterlockedExchangeAdd
FindClose
GetWindowsDirectoryW
FindFirstVolumeMountPointW
TerminateJobObject
FindResourceExW
GetTimeFormatW
lstrcpyW
WriteProfileStringW
EnumResourceNamesA
DeleteFileW
FindFirstFileExW
SetProcessWorkingSetSize
CreateFileW
GetModuleHandleW
AddAtomA
GetCurrentDirectoryA
SetComputerNameA
FindFirstVolumeW
ExitProcess
GetSystemDefaultUILanguage
GetVersionExW
FileTimeToLocalFileTime
IsBadWritePtr
QueryPerformanceFrequency
SearchPathW
TransactNamedPipe
RaiseException
GlobalFlags
GetDefaultCommConfigW
HeapSize
ResumeThread
lstrcpynA
GetTimeFormatA
SleepEx
FindFirstChangeNotificationW
SetConsoleScreenBufferSize
SetConsoleTextAttribute
GetTapeParameters
VirtualFree
MoveFileExW
GetFileAttributesExW
CancelWaitableTimer
GetCPInfo
WriteProcessMemory
GetStringTypeW
GetSystemTime
CreateDirectoryW
CopyFileExW
OpenFileMappingA
GetUserDefaultLCID
lstrcatW
WriteConsoleW
HeapReAlloc
GetCurrentProcess
VerLanguageNameW
GetFullPathNameW
CreateConsoleScreenBuffer
SetFilePointer
CreateMailslotW
OpenProcess
GetFileAttributesA
WaitForMultipleObjects
GetStringTypeA
GetExitCodeThread
GetSystemDirectoryW
QueueUserWorkItem
FreeLibraryAndExitThread
IsBadHugeReadPtr
SetNamedPipeHandleState
DisconnectNamedPipe
HeapValidate
GetConsoleOutputCP
OpenJobObjectW
GetFileTime
LocalSize
OpenMutexA
SetCurrentDirectoryW

ole32

OleCreateStaticFromData
CoDisableCallCancellation
GetRunningObjectTable
CoQueryProxyBlanket
CreateItemMoniker
OleDuplicateData
OleCreateLinkToFile
CoCreateGuid
CoAllowSetForegroundWindow
OleIsRunning
StgOpenStorageOnILockBytes
CreateDataCache
OleUninitialize
OleSave
StgIsStorageILockBytes
CoGetMarshalSizeMax
CoFreeUnusedLibrariesEx
OleCreateFromFile
OleRegGetUserType
StgCreateDocfile
MkParseDisplayName
OleCreateMenuDescriptor
OleCreate
CoInitialize
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
PropVariantClear
CoTaskMemFree

shlwapi

AssocCreate
PathGetCharTypeW
PathSkipRootW
SHSetValueW
wnsprintfW
PathRemoveArgsW
PathUnquoteSpacesW
PathUndecorateW
PathGetDriveNumberW
UrlIsW
SHRegGetUSValueW
StrCatBuffA
PathRemoveFileSpecW
StrCpyNW
StrStrW
UrlCreateFromPathW
PathRemoveBackslashW
StrToIntW
UrlCombineW
SHRegSetUSValueW
StrChrIW
PathGetArgsW
SHRegSetPathW
UrlUnescapeW
SHDeleteKeyA
SHDeleteKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd875dd29e26073c5c18d5ec051043b7

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB