b04ad4923e04b137efd4aa456abacc24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b04ad4923e04b137efd4aa456abacc24_JaffaCakes118
Size

104KB
MD5

b04ad4923e04b137efd4aa456abacc24
SHA1

3dd4b6405c0c4b948691d50fb18fa023e1d1b127
SHA256

ca3220825002bd18813262cfa3a516ae66dcd63fd0fb50f93afc38ffbd2fd5b0
SHA512

bb1f8bcb8872f5a0b0a93b7b323e750bf622d6fccd84063eb29d080b52efe775f4e0570350ecfc14dd93c556d34b806b028177db3a270a05ea8536c799fd5914
SSDEEP

1536:bWanZ+2N/zobALwjq/Ea4jntPOLlm4RqAA559D1fZuCwATje15kxXE:xGALwjwmnt2Lw4RqA4N3TO5gE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b04ad4923e04b137efd4aa456abacc24_JaffaCakes118

Files

b04ad4923e04b137efd4aa456abacc24_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ec0a555d38c3e9ce0b176bbf689df5b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
RemoveDirectoryW
QueueUserAPC
FindFirstVolumeMountPointW
GetVersionExA
SuspendThread
DeleteTimerQueueEx
DeleteFileA
PulseEvent
lstrcmpiW
FreeConsole
SizeofResource
OpenThread
FindResourceExA
GlobalGetAtomNameA
GetComputerNameW
IsBadStringPtrA
SleepEx
OpenMutexA
GetConsoleMode
CancelWaitableTimer
GetDiskFreeSpaceExW
CreateMailslotA
UnlockFile
UnregisterWaitEx
GetExitCodeProcess
GetSystemTime
VerifyVersionInfoW
SetWaitableTimer
BindIoCompletionCallback
CreateNamedPipeW
GlobalMemoryStatusEx
IsBadHugeWritePtr
LocalLock
GlobalFree
GetExitCodeThread
CreateProcessW
GetShortPathNameA
HeapSize
FlushViewOfFile
GlobalFlags
LockFileEx
SetVolumeMountPointW
WriteConsoleW
ChangeTimerQueueTimer
WaitForMultipleObjects
RemoveDirectoryA
GetCurrentDirectoryA
PeekConsoleInputW
LocalFileTimeToFileTime
DeleteTimerQueueTimer
GetTempFileNameW
ResumeThread
SetConsoleMode
MapViewOfFileEx
WaitNamedPipeW
SwitchToThread
TerminateProcess
GetFileAttributesExW
GetTempFileNameA
GetConsoleScreenBufferInfo
GetLocaleInfoW
CreateConsoleScreenBuffer
CreateToolhelp32Snapshot
GetTimeZoneInformation
AllocConsole
SetComputerNameA
SetErrorMode
GetCurrentProcess
GetModuleFileNameA
InterlockedDecrement
CloseHandle
InitializeCriticalSection
GetCurrentProcessId
GetTickCount
ReadFile
CreateFileA
VirtualProtect
GetLastError
WriteFile
GetProcAddress
InterlockedIncrement
CreateProcessA
LeaveCriticalSection
CreateDirectoryA
GetComputerNameA
LoadLibraryA
GlobalAlloc
GetProcessHeap
GetModuleHandleA
EnterCriticalSection
CreateMutexA
HeapDestroy
Sleep

ole32

GetHGlobalFromStream
OleCreateStaticFromData
CoQueryProxyBlanket
OleDuplicateData
SetConvertStg
CoDisableCallCancellation
OleGetAutoConvert
CreateFileMoniker
CreateAntiMoniker
OleRegGetMiscStatus
RevokeDragDrop
CoImpersonateClient
OleLoadFromStream
CoCreateGuid
OleCreateLink
CoTaskMemRealloc
OleCreateFromData
OleQueryCreateFromData
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
CoWaitForMultipleHandles
CLSIDFromString
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
OleSetContainedObject
OleCreate

gdi32

EnumFontFamiliesExW
CreatePen
CreateDCA
LPtoDP
GetTextCharset
PaintRgn
GetTextCharsetInfo
SetMapMode
GetLayout
AbortDoc
GetTextExtentPoint32A
GetROP2
StretchBlt
CreateICW
SetBitmapDimensionEx
CreatePolygonRgn
GetEnhMetaFileHeader
Arc
GetCharacterPlacementA
ExtFloodFill
GetViewportOrgEx
SelectObject
GetCharWidthW
ExtTextOutW
GetPaletteEntries
BeginPath
SetMapperFlags
GetEnhMetaFileBits
WidenPath
PatBlt
CreateICA
CloseMetaFile
PolyBezierTo
GetRgnBox
GetFontResourceInfoW
Ellipse
CreateCompatibleDC
AddFontResourceA
EnumFontFamiliesW
PtVisible
CreateMetaFileW
InvertRgn
GetWorldTransform
SetBitmapBits
GetPixelFormat
GetGlyphOutlineW
PathToRegion
GetOutlineTextMetricsA
CreatePenIndirect
SetAbortProc
GetStockObject
Chord
PolyDraw
OffsetRgn

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec0a555d38c3e9ce0b176bbf689df5b9

Headers

File Characteristics

Imports

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB