8d16b4b2f8c038283cf50667a1b2673a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8d16b4b2f8c038283cf50667a1b2673a_JaffaCakes118
Size

684KB
MD5

8d16b4b2f8c038283cf50667a1b2673a
SHA1

aa72c01e7ec407948d56c44bf8caffc9f53fa402
SHA256

a4d218a60aaa96f27837196fe1b698dca30abba89c3ab3beaa660bfa506e7be7
SHA512

15c7dc83e615fdccbb535b852d8d8882b4141281fc22d662e55542dde8fab2da9e53116239610f88b406c02bbcc869a09a83f95486b61b863e45dc4fa63e9153
SSDEEP

12288:xTqAuC2lsh/CuJfVNXXSF70Mp3IYPU+KEfEgqIqptZY+jQTmFPapzGDGe7+:x/2+1CwXS5fp3Ixe+sTmta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d16b4b2f8c038283cf50667a1b2673a_JaffaCakes118

Files

8d16b4b2f8c038283cf50667a1b2673a_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

fbb780b0d1613c126ce3b81d5da5d009

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlEscapeW
PathMatchSpecW
UrlGetPartW
UrlUnescapeW
PathFileExistsW
StrCmpIW
PathIsDirectoryW
StrStrIW

kernel32

ExitThread
CompareStringW
CompareStringA
InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetLastError
MultiByteToWideChar
GetDriveTypeA
GetProcessHeap
SetEndOfFile
CreateFileA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileW
SetStdHandle
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetLocaleInfoA
GetCurrentDirectoryA
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
GetACP
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
Sleep
FreeLibrary
GetFullPathNameW
WideCharToMultiByte
GetSystemInfo
GetSystemTime
InterlockedExchange
GetConsoleCP
GetModuleHandleA
CloseHandle
WriteFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
InterlockedCompareExchange
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
SetEnvironmentVariableA
CreateThread
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

user32

EnumChildWindows
wsprintfW
SetWindowPos
GetWindowRect
SystemParametersInfoW
SetWindowTextW
GetWindowLongW
MoveWindow
SetWindowLongW
SendMessageW
CallWindowProcW
GetWindowTextW
RealGetWindowClassW

ole32

CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateGuid
CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantChangeType
VariantCopy
SysAllocString
VariantClear
VarBstrCmp
SysFreeString
SysStringLen
SysAllocStringLen

ws2_32

inet_addr

shell32

SHCreateDirectoryExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 533KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbb780b0d1613c126ce3b81d5da5d009

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

ole32

oleaut32

ws2_32

shell32

Exports

Exports

Sections

.text Size: 533KB - Virtual size: 532KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 10KB - Virtual size: 25KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 63KB - Virtual size: 62KB

.text
Size: 533KB - Virtual size: 532KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 10KB - Virtual size: 25KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 63KB - Virtual size: 62KB