a0debef07db56b74828374377374bc2b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0debef07db56b74828374377374bc2b_JaffaCakes118
Size

176KB
MD5

a0debef07db56b74828374377374bc2b
SHA1

da95be5d454f20e8612336e4097ed2d8d4f2f0ce
SHA256

4e9fbbb169bbb640e491a28ccc5406746c47bcd6bb50bcafe00891ec37d851f5
SHA512

14d1687e5bfe232b1e963b1b575a32160cc11c22cf184fc99dd553b912158f235cf965086b4a1c8381680ed4a54858fc1db50856c6977f7825416bd5b0dfbcd2
SSDEEP

3072:H+ztA/CPgLX0BIOhOoO9YLQpDOL6usHNPng5UWat5rk3sjz7gMsBC:H1LXkIaOJYcp6OusB5jXo307gM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0debef07db56b74828374377374bc2b_JaffaCakes118

Files

a0debef07db56b74828374377374bc2b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

73942c9ad2d2be2cceec0668bbbf6918

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

PrintDlgA
ChooseFontA
CommDlgExtendedError
GetOpenFileNameA
ChooseColorA
PageSetupDlgA
GetSaveFileNameA

kernel32

lstrcpyA
MulDiv
lstrlenW
HeapAlloc
GetProcAddress
VirtualAlloc
GlobalFree
GlobalAlloc
GlobalUnlock
HeapReAlloc
FreeLibrary
GetProcessHeap
InitializeCriticalSection
GetVersion
lstrlenA
DeleteCriticalSection
OpenFile
lstrcpynA
lstrcatA
GetModuleFileNameA
MultiByteToWideChar
GetWindowsDirectoryA
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetLocaleInfoA
HeapFree
WideCharToMultiByte
DisableThreadLibraryCalls
GlobalLock
lstrcmpA

user32

CharNextA
MoveWindow
GetDC
DestroyWindow
wsprintfA
LoadStringA
GetWindowRect
UnregisterClassA
GetParent
ReleaseDC
IsWindow
GetSystemMetrics

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

advapi32

RegCloseKey
RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

oleaut32

SafeArrayRedim
SafeArrayPutElement
UnRegisterTypeLi
SysFreeString
SysAllocString
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
SafeArrayCreate
LoadTypeLi
RegisterTypeLi
VariantClear
VariantCopy
LoadTypeLibEx
SysAllocStringLen
OleCreateFontIndirect
CreateErrorInfo
LoadRegTypeLi
SetErrorInfo

gdi32

GetDeviceCaps

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73942c9ad2d2be2cceec0668bbbf6918

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 824B

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 124KB - Virtual size: 123KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 824B

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 124KB - Virtual size: 123KB

.reloc
Size: 4KB - Virtual size: 3KB