ad7b2f0abe603e4d359b5623795cb6b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad7b2f0abe603e4d359b5623795cb6b9_JaffaCakes118
Size

284KB
MD5

ad7b2f0abe603e4d359b5623795cb6b9
SHA1

4ca94a641049b67b84b053aad195d71bcd98449d
SHA256

ba86e99ebbad358419b3bb6efb4410588593fbc29538c7acfb813e5f699e9428
SHA512

4c78fa265ebd61148db798a51c38b090b3b0d9279a9b0c0d89668250acc9ff6efab413f8a779f75f72a8e15ef53af6b85c3333055a28d9597b0cecd91d980afb
SSDEEP

6144:0IZaCih9Can7xHkW4hF2dZ41O7QZhGEuD8f:0xxnBAF2dZ4126f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad7b2f0abe603e4d359b5623795cb6b9_JaffaCakes118

Files

ad7b2f0abe603e4d359b5623795cb6b9_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

b6cf6c566dd0533d29f85c4af5af2e7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

wmpdxm.pdb

Imports

msvcrt

wcscmp
iswdigit
_wtoi
wcslen
wcschr
wcspbrk
iswspace
memmove
towupper
_vsnwprintf
_wtol
_wcsnicmp
wcsncmp
wcsrchr
wcsstr
_snwprintf
wcsncpy
_except_handler3
_onexit
__dllonexit
_adjust_fdiv
_initterm
_CIpow
_ftol
_purecall
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
free
_wcsicmp
_beginthreadex
malloc

kernel32

FindResourceA
FindResourceW
GetFileAttributesA
GetFileAttributesW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
lstrcpynW
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
lstrcatW
lstrcmpiA
lstrcmpiW
lstrcpyW
IsBadWritePtr
GetVersionExW
GetLocaleInfoA
GetLocaleInfoW
GetWindowsDirectoryW
GetShortPathNameA
GetShortPathNameW
CompareStringW
GetDriveTypeA
GetDriveTypeW
GetNumberFormatA
GetNumberFormatW
GetTimeFormatA
GetTimeFormatW
QueryDosDeviceA
QueryDosDeviceW
CloseHandle
DeviceIoControl
GetVersion
SetErrorMode
GetExitCodeThread
WaitForSingleObject
GetLastError
CreateFileW
CreateFileA
CompareStringA
SetLastError
GetModuleHandleA
GetWindowsDirectoryA
lstrlenW
GetVersionExA
MultiByteToWideChar
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrlenA
SizeofResource
LoadResource
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount

gdi32

GetDeviceCaps

user32

GetDC
RegisterWindowMessageA
CharNextW
CharNextA
ReleaseDC
SendMessageA

advapi32

RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegEnumValueW
RegEnumValueA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VarUI4FromStr
SysAllocString
VariantInit
LoadRegTypeLi
SysAllocStringLen
LoadTypeLi
SysStringLen
SysFreeString
VariantChangeType
RegisterTypeLi
VariantClear

mpr

WNetGetConnectionW
WNetGetConnectionA
WNetCancelConnection2W
WNetAddConnection2W

shlwapi

PathGetCharTypeW
PathGetCharTypeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6cf6c566dd0533d29f85c4af5af2e7e

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

advapi32

ole32

oleaut32

mpr

shlwapi

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.data Size: 76KB - Virtual size: 77KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 172KB - Virtual size: 171KB

.data
Size: 76KB - Virtual size: 77KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 20KB - Virtual size: 17KB