ab4058c219b6b581fed16f25504ee71a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab4058c219b6b581fed16f25504ee71a_JaffaCakes118
Size

108KB
MD5

ab4058c219b6b581fed16f25504ee71a
SHA1

cc3c68cbe12b463cc58c93c04348f9ef1b22cf59
SHA256

3bf208bdba4270cfe1b9dfe983d77e540cc253e9ac34b4a4c9e600ab230e997b
SHA512

7b895bb9419d69d25463aa159f185d1f9f546a557119eb219852a061852e8f8a31858786b7085f431b7fe23900c57e98c66a73796db795d35227f00bea78fe83
SSDEEP

3072:5xPuC5wFQXmDAIrffGAsWLRq6ctMCN+K2Po9k:5xPt5qQz0fwWUhNo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab4058c219b6b581fed16f25504ee71a_JaffaCakes118

Files

ab4058c219b6b581fed16f25504ee71a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2d20ec033637d7f52b0609f72e5b8b85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetNumberFormatW
SetEnvironmentVariableW
EnumResourceLanguagesW
GetFileType
CompareFileTime
CreateToolhelp32Snapshot
FindClose
WideCharToMultiByte
VirtualFree
SetEnvironmentVariableA
FindNextChangeNotification
GetCommandLineA
GetDriveTypeA
HeapReAlloc
LockFile
GlobalGetAtomNameW
GetDefaultCommConfigW
SetEvent
ReadConsoleA
lstrcmpA
GetCurrentDirectoryW
OpenSemaphoreW
SetVolumeLabelA
SetFilePointer
MoveFileExW
GetLogicalDriveStringsW
GetTempPathA
MoveFileA
EnumResourceLanguagesA
FreeLibraryAndExitThread
FindFirstChangeNotificationA
RaiseException
SetDefaultCommConfigW
GetEnvironmentStrings
CreateNamedPipeA
GetSystemWow64DirectoryW
WaitForMultipleObjects
FindNextFileW
GetTimeFormatW
ReadProcessMemory
CreateFileMappingW
EnumResourceNamesW
GetModuleFileNameW
GlobalFree
EnumUILanguagesW
GetExitCodeProcess
OpenFile
GetCPInfo
FindAtomA
SetInformationJobObject
RemoveDirectoryW
GetConsoleScreenBufferInfo
CreateWaitableTimerA
UpdateResourceA
CreateFileMappingA
GlobalAddAtomA
GlobalFindAtomA
WriteProcessMemory
LockResource
HeapSize
GetVolumeInformationW
ReplaceFileW
CopyFileW
GetLongPathNameW
GetWindowsDirectoryW
lstrcatW
DeleteFileA
GetVersionExA
GetFileAttributesExA
CreateJobObjectW
WriteProfileStringW
FileTimeToLocalFileTime
CreateTimerQueue
CancelWaitableTimer
SetErrorMode
GetEnvironmentVariableA
AddAtomW
InterlockedExchangeAdd
GetStringTypeExW
CreateMutexA
GetModuleFileNameA
CreateDirectoryA
CloseHandle
WriteFile
GetTickCount
CreateFileA
GetModuleHandleA
EnterCriticalSection
GlobalAlloc
GetProcessHeap
GetProcAddress
GetComputerNameA
GetCurrentProcessId
InterlockedIncrement
Sleep
HeapFree
VirtualProtect
GetLastError
LoadLibraryA
CopyFileA
GetShortPathNameW
InitializeCriticalSection

ole32

OleRegGetMiscStatus
CoRevertToSelf
CoGetCallContext
CoMarshalInterface
CoGetMarshalSizeMax
CoUnmarshalInterface
OleLoad
CoGetInterfaceAndReleaseStream
OleQueryCreateFromData
CoDisconnectObject
StringFromIID
CoInitializeEx
CoSwitchCallContext
OleLockRunning
OleCreateMenuDescriptor
CoAllowSetForegroundWindow
CoFreeUnusedLibrariesEx
CoWaitForMultipleHandles
CoEnableCallCancellation
OleRegGetUserType
BindMoniker
CoMarshalInterThreadInterfaceInStream
GetHGlobalFromILockBytes
PropVariantCopy
CreateAntiMoniker
CreateFileMoniker
CoCreateInstance
OleCreate
OleSetContainedObject
CoUninitialize
GetHGlobalFromStream

shlwapi

StrStrA
StrCpyW
PathSkipRootW
StrCatBuffW
PathRemoveBlanksW
SHRegSetPathW
PathCreateFromUrlW
StrRetToBufW
StrChrW
StrChrA
PathGetCharTypeW
PathAddExtensionW
SHCreateStreamOnFileW
UrlCanonicalizeW
PathGetArgsW
SHRegSetUSValueW
SHAutoComplete
PathUnquoteSpacesW
SHRegGetUSValueW
PathCanonicalizeW
PathFileExistsA
PathGetCharTypeA
UrlEscapeW
StrCmpIW
StrStrIW
StrCmpNIW
SHRegGetValueW

gdi32

GetMetaFileA
Escape
CreateBitmapIndirect
UnrealizeObject
SetDIBits
GetTextMetricsW
Polyline
SetStretchBltMode
GetCurrentPositionEx
SetBrushOrgEx
CreateICW
GetEnhMetaFileA
GetDIBits
StrokePath
GetRandomRgn
CombineRgn
ModifyWorldTransform
LineTo
SetLayout
GetPaletteEntries
PathToRegion
CreateCompatibleDC
CreateDCA
SetMiterLimit
EnumFontsA
GetKerningPairsA
PolylineTo
GetCharWidth32W
SetMapMode
CloseMetaFile
GetTextExtentPoint32W
TextOutA
Polygon
GetPath
GetOutlineTextMetricsA
GetWindowExtEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d20ec033637d7f52b0609f72e5b8b85

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB