a517248970978d3dc2dae5a5ab10b650_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a517248970978d3dc2dae5a5ab10b650_JaffaCakes118
Size

68KB
MD5

a517248970978d3dc2dae5a5ab10b650
SHA1

b526e508ec3b72c28a9af00fe043d377bec258bd
SHA256

52ab69052c951748b703d4612ec889a61d2671ebef6b54729f574c5bc797ebf9
SHA512

80789302c6c010edec0ad50f11e33db66d04ba2beeaac80536ad0f566e8e15b15f41f6059a236d47d54f109adc2a21dac742d005c49618f682465d00cfb2879f
SSDEEP

768:J/PrXqJDhsNODjP9JW7ijhDTFSpxK+CmtZDQOaqixdlji2312CqKywlXAxJBJ9xl:AEEj+YTFSpDXW7dljtB3OxJBJr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a517248970978d3dc2dae5a5ab10b650_JaffaCakes118

Files

a517248970978d3dc2dae5a5ab10b650_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

37596e6c32d1e4cc9d96d8d0b9ee7764

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
lstrcmpiA
lstrcpynA
CloseHandle
WaitForSingleObject
CreateProcessA
InterlockedIncrement
WriteProcessMemory
VirtualProtectEx
GetProcAddress
GetModuleHandleA
ResumeThread
SetThreadContext
FlushInstructionCache
GetThreadContext
SuspendThread
DeviceIoControl
CreateFileA
GetVersionExA
Sleep
SetThreadPriority
OutputDebugStringA
CreateEventA
SetEvent
ExitProcess
ResetEvent
GetPrivateProfileStringA
GetPrivateProfileSectionA
DeleteFileA
GetTempFileNameA
GetTickCount
WriteFile
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLastError
GetFileSize
GetCurrentProcessId
DisableThreadLibraryCalls
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
lstrlenW
GetCurrentThreadId
GetCurrentProcess
DebugBreak
WideCharToMultiByte
InterlockedDecrement
lstrlenA
GetShortPathNameA
MultiByteToWideChar
GetModuleFileNameA
CreateThread

user32

CreateWindowExA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
IsWindow
SetWindowLongA
DestroyWindow
PostQuitMessage
DefWindowProcA
CallWindowProcA
LoadStringA
CharNextA
wvsprintfA
GetWindowLongA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegFlushKey
RegQueryValueExA
RegEnumKeyA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
StringFromCLSID
CoGetMalloc

oleaut32

SysFreeString
LoadRegTypeLi
SysStringLen

msvcrt

isspace
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
memcmp
_purecall
getenv
_mbslen
time
_osver
strncpy
malloc
memmove
isdigit
isalpha
_mbsicmp
_mbschr
free
realloc
strlen
isalnum
_vsnprintf
atoi
_ismbcdigit
wcslen
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
memset
__CxxFrameHandler

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shlwapi

StrStrIA
PathFileExistsA
StrChrIA
SHGetValueA
PathFindFileNameA
PathStripToRootA
SHSetValueA
SHDeleteKeyA
PathAppendA
StrChrA
StrToIntA
StrCmpNIA
SHDeleteValueA

netapi32

Netbios

wininet

FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetReadFile
InternetCrackUrlA
InternetSetOptionA
InternetGetConnectedState
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Initialize

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ishare
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37596e6c32d1e4cc9d96d8d0b9ee7764

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcrt

version

shlwapi

netapi32

wininet

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 6KB

.ishare Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 6KB

.ishare
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB