a49a16dde0f027ed3b09c9d9d55195fd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a49a16dde0f027ed3b09c9d9d55195fd_JaffaCakes118
Size

228KB
MD5

a49a16dde0f027ed3b09c9d9d55195fd
SHA1

ed0ac7c1cc205399dc8856afca9a6161275dbee1
SHA256

65629f05fb99797374953b579dabcefa1c32a879e8bc70f53874d66b1802714c
SHA512

5c481a4f510b84e7be4a17a87c9fc4b42e5db41500af4601d46c648d8cb56b1161c605cecdb066ba3577e1c0dae4472a85fc0d24baa7a51c457709df82091bb9
SSDEEP

3072:b1EvJ+EpyZb7nnW0Shvr+8ku5a13knZhwbk4kD0BOSo2ArtbLDaalPUAJ3w/lRDK:88ZvnnShvr+8k6a8hD0BObPwzYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a49a16dde0f027ed3b09c9d9d55195fd_JaffaCakes118

Files

a49a16dde0f027ed3b09c9d9d55195fd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

545f253117e5977131d27f6f7e756ea8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
InterlockedIncrement
InterlockedDecrement
DebugBreak
OutputDebugStringA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
LoadLibraryA
LocalFree
lstrcatA
GetWindowsDirectoryA
Sleep
TerminateProcess
GetSystemDirectoryA
GetCommandLineA
GetVersionExA
FlushInstructionCache
GetStdHandle
GetACP
TlsGetValue
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
GetFileType
SetHandleCount
FlushFileBuffers
SetFilePointer
IsBadWritePtr
SetLastError
VirtualAlloc
VirtualFree
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetFileSize
ReadFile
GetModuleFileNameA
GetLongPathNameA
CreateFileA
WriteFile
CloseHandle
GlobalAlloc
GlobalLock
GlobalFree
lstrlenW
WideCharToMultiByte
GetTickCount
FindFirstFileA
FindClose
lstrlenA
MultiByteToWideChar
lstrcpyW
HeapReAlloc
HeapAlloc
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
HeapSize
RtlUnwind
HeapFree
GetVersion
GetOEMCP

user32

DestroyWindow
GetClientRect
SetWindowLongA
CreateWindowExA
wvsprintfA
CharNextA
ShowWindow
SetTimer
KillTimer
SetWindowPos
GetWindowRect
GetParent
wsprintfA
MessageBoxA
CallWindowProcA
GetWindowLongA
LoadStringA
GetFocus
GetWindow
DefWindowProcA
IsWindow

ole32

CreateStreamOnHGlobal
CoGetMalloc
StringFromIID
CoCreateFreeThreadedMarshaler

oleaut32

SysStringLen
LoadRegTypeLi
DispCallFunc
VariantChangeType
SysAllocString
SysAllocStringByteLen
VariantInit
VariantClear
SysFreeString
SysStringByteLen

atl

ord22
ord18
ord15
ord16
ord21
ord23
ord43
ord44
ord46
ord48
ord32
ord30
ord47
ord31
ord10
ord11
ord39
ord58

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

545f253117e5977131d27f6f7e756ea8

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

atl

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 16KB - Virtual size: 15KB