93a5b5734f41d31db71bb94cd8560397_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93a5b5734f41d31db71bb94cd8560397_JaffaCakes118
Size

57KB
MD5

93a5b5734f41d31db71bb94cd8560397
SHA1

32b9dac966fd5773803ea2f141c2d0e62b912236
SHA256

667427d60f51ea8aca03d87ca6c8dea8432f695f391d81f84114b968d45bdcbe
SHA512

962e8d2e90976cf0e2f3ef6dd776b2b91d044c555bbd6e3b93fc4aac9daf0ba758af2c2213de37c62afc7077b5c80d09ffbdebf418a053f182988e7fa2da87c1
SSDEEP

1536:ot48JU+/Ej3x5/6mdXJKWB8QXSXQcdrO:otTUjjhFJKWu4H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93a5b5734f41d31db71bb94cd8560397_JaffaCakes118

Files

93a5b5734f41d31db71bb94cd8560397_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

69fd6c795e11113baf8e5876120999bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

realloc
memset
malloc
memcpy
free
memcmp
atoi
exit
__CxxFrameHandler
_EH_prolog
strtok
fclose
_adjust_fdiv
_initterm
fread
strncat
tolower
strncpy
fgets
strchr
fopen
_itoa
wcstombs
strlen
??3@YAXPAX@Z
strcat
??2@YAPAXI@Z
_purecall
strstr
strcmp
strcpy

atl

ord44
ord21
ord43
ord58
ord57
ord18
ord15
ord16
ord23
ord30
ord32

rasapi32

RasGetErrorStringA
RasGetConnectStatusA
RasEnumConnectionsA
RasGetEntryDialParamsA
RasDialA
RasHangUpA
RasSetEntryDialParamsA
RasEnumDevicesA
RasSetEntryPropertiesA
RasDeleteEntryA
RasEditPhonebookEntryA
RasEnumEntriesA
RasGetEntryPropertiesA

wininet

InternetQueryOptionA
HttpQueryInfoA
InternetGetConnectedState
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

kernel32

LeaveCriticalSection
WriteFile
FindClose
InitializeCriticalSection
lstrcpyA
GetLocalTime
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
ExpandEnvironmentStringsA
GetShortPathNameA
GetCurrentProcess
FlushInstructionCache
MultiByteToWideChar
MulDiv
DeleteCriticalSection
EnterCriticalSection
lstrlenW
GetTempPathA
Sleep
HeapFree
GetLastError
lstrcatA
GetFileAttributesA
CreateDirectoryA
FindFirstFileA
HeapAlloc
HeapReAlloc
CreateFileA
CloseHandle
OpenProcess
TerminateProcess
GetProcessHeap

user32

wsprintfA
EndDialog
LoadImageA
DialogBoxParamA
GetActiveWindow
GetWindowTextA
SendDlgItemMessageA
EnableWindow
GetParent
SetWindowLongA
EnumThreadWindows
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindow
GetWindowLongA
SendMessageA
MessageBoxA
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
IsWindow
EnumWindows
GetWindowThreadProcessId
PostMessageA
GetDlgItem
SetWindowTextA
SetFocus
CreateWindowExA
DefWindowProcA
BeginPaint
GetWindowRect
GetUpdateRect
EndPaint
BringWindowToTop
ShowWindow
SetWindowPos

gdi32

GetDeviceCaps

advapi32

RegSetValueExA
RegEnumKeyExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderLocation

ole32

OleInitialize
CoUninitialize
OleUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString
OleLoadPicturePath
LoadRegTypeLi
VariantClear
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMostrar
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69fd6c795e11113baf8e5876120999bc

Headers

File Characteristics

Imports

version

msvcrt

atl

rasapi32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 6KB - Virtual size: 22KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 6KB - Virtual size: 22KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 3KB - Virtual size: 3KB