96c47ea353a45fbfc19b042facd9f9e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96c47ea353a45fbfc19b042facd9f9e8_JaffaCakes118
Size

1.2MB
MD5

96c47ea353a45fbfc19b042facd9f9e8
SHA1

1c00f4625e65276dc72c90bfa575e7f5d4225765
SHA256

03fce4cb1619d5dfc00e20f12983db42cd5ad8a5734c4a5daef53083c5c4de28
SHA512

006315265083660e664bcc6f204ff13f27e6eddcf4117e5d72c1bee2a57b28e3d926056ba31749b0978b207e95654134b10c75f2acb094126619e5f49afbb282
SSDEEP

24576:4CPzUwu0xnxpd3W+jUOBTre3pKRhURqdQqxxI5th:4snxurOBTK3pC6EdZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96c47ea353a45fbfc19b042facd9f9e8_JaffaCakes118

Files

96c47ea353a45fbfc19b042facd9f9e8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9e4e7549439348af86424c16452b5ec1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
WideCharToMultiByte
IsBadReadPtr
GlobalAddAtomA
GlobalAddAtomW
GetModuleHandleA
GlobalFree
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalGetAtomNameW
SetEnvironmentVariableA
GetEnvironmentVariableA
FreeConsole
VirtualProtect
VirtualAlloc
GetProcAddress
GetLastError
LoadLibraryA
SetLastError
SetThreadPriority
GetCurrentThread
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenMutexA
SetErrorMode
GetCurrentThreadId
ReadFile
GetFileSize
FindClose
FindFirstFileW
VirtualQueryEx
GetExitCodeProcess
ReadProcessMemory
VirtualProtectEx
ContinueDebugEvent
ResumeThread
OutputDebugStringA
OutputDebugStringW
SetThreadContext
GetThreadContext
WaitForDebugEvent
WriteProcessMemory
UnmapViewOfFile
SuspendThread
DebugActiveProcess
MapViewOfFile
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
MultiByteToWideChar
SearchPathA
GetTempPathA
GetTempPathW
GetTempFileNameA
GetTempFileNameW
GetWindowsDirectoryA
CreateFileA
GetPrivateProfileStringA
CloseHandle
DeleteFileA
MoveFileA
CreateProcessA
GetStartupInfoA
GetCommandLineA
SetEvent
CreateEventA
GetSystemTimeAsFileTime
ExitProcess
GetLocalTime
FormatMessageA
LocalFree
GetFullPathNameA
GetFullPathNameW
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileAttributesA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileW
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
IsValidLocale
Sleep
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameW
GetShortPathNameW
GetModuleFileNameA
WritePrivateProfileStringA
GetShortPathNameA
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
DeleteCriticalSection
RtlUnwind
RaiseException
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
HeapAlloc
GetProcessHeap
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
WriteFile
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetTimeZoneInformation
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter

user32

LoadStringW
IsWindow
PostMessageA
DefDlgProcA
DrawTextA
CreateDialogParamA
RegisterClassExA
DialogBoxParamA
GetWindowTextLengthA
GetWindowTextA
GetDesktopWindow
MoveWindow
SetPropA
EnumThreadWindows
GetMessageA
BeginPaint
EndPaint
KillTimer
GetAsyncKeyState
GetSystemMetrics
SetTimer
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
LoadStringA
GetPropA
FindWindowA
WaitForInputIdle
DestroyWindow
MessageBoxA
InSendMessage
UnpackDDElParam
FreeDDElParam
DefWindowProcW
DefWindowProcA
LoadCursorA
RegisterClassW
CreateWindowExW
RegisterClassA
CreateWindowExA
GetWindowThreadProcessId
SendMessageW
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
EnumWindows
IsWindowUnicode
PackDDElParam
PostMessageW

gdi32

SelectObject
BitBlt
DeleteObject
CreatePalette
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
CreateCompatibleDC

comdlg32

GetSaveFileNameA
GetOpenFileNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 548KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data1
Size: 108KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 424KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e4e7549439348af86424c16452b5ec1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: - Virtual size: 6KB

.reloc Size: - Virtual size: 1KB

.text1 Size: 548KB - Virtual size: 576KB

.adata Size: 52KB - Virtual size: 64KB

.data1 Size: 108KB - Virtual size: 128KB

.tls Size: 4KB - Virtual size: 64KB

.reloc1 Size: 36KB - Virtual size: 64KB

.pdata Size: 424KB - Virtual size: 448KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: - Virtual size: 6KB

.reloc
Size: - Virtual size: 1KB

.text1
Size: 548KB - Virtual size: 576KB

.adata
Size: 52KB - Virtual size: 64KB

.data1
Size: 108KB - Virtual size: 128KB

.tls
Size: 4KB - Virtual size: 64KB

.reloc1
Size: 36KB - Virtual size: 64KB

.pdata
Size: 424KB - Virtual size: 448KB

.rsrc
Size: 4KB - Virtual size: 4KB