b08bfedf054240838ac53b6e5b855b1e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b08bfedf054240838ac53b6e5b855b1e_JaffaCakes118
Size

148KB
MD5

b08bfedf054240838ac53b6e5b855b1e
SHA1

2a849755bfeff65ff3965d02fbd951dca902537d
SHA256

6ef3baa0ecced347fad26aa35eb18b58b0cac3829b28880e2eb2efa67b67ed0c
SHA512

754efba5787695524c0b865f266f50551eee8006185f61f7d685acf7a027414423e885a824ed9242cb7efe1ff3f77a73ad636befa528354281918bb17c406528
SSDEEP

3072:k1tKD/1p6fU1mSPpVwYCCHtKmDoJjTG8xOemf3CHJ:yap31vVBCq4mDGTzhmf3U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b08bfedf054240838ac53b6e5b855b1e_JaffaCakes118

Files

b08bfedf054240838ac53b6e5b855b1e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

78a92c3f2a235340d84cb196b0948244

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIA
SHSetValueA
SHGetValueA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

msvcrt

_stricmp
??0exception@@QAE@ABV0@@Z
tolower
printf
__CxxFrameHandler
_CxxThrowException
??0exception@@QAE@XZ
??3@YAXPAX@Z
??1exception@@UAE@XZ
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
strtok
??2@YAPAXI@Z
toupper
atoi
tmpnam
fopen
fwrite
fclose
free
srand
strchr
isgraph
isxdigit
wcscmp
?what@exception@@UBEPBDXZ
strerror
isspace
isupper
__mb_cur_max
malloc
wcslen
isalnum
wctomb
islower
isalpha
ispunct
strncpy

oleaut32

GetErrorInfo
SysFreeString
SysAllocString
VariantClear

ole32

CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

advapi32

RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegCloseKey

winmm

timeGetTime

user32

RegisterClassExA
wsprintfA
CloseClipboard
OpenClipboard
SetWindowPos
SystemParametersInfoA
DispatchMessageA
TranslateMessage
ShowWindow
CreateWindowExA
KillTimer
SetTimer
DefWindowProcA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
GetMessageA

rpcrt4

UuidToStringA

wininet

InternetCloseHandle
InternetOpenA
HttpQueryInfoA
InternetSetOptionA
InternetOpenUrlA
InternetReadFile

netapi32

Netbios

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

Sleep
GetCurrentProcess
GetProcessTimes
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExA
GetSystemInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentDirectoryA
GetThreadTimes
GetCurrentThread
GetSystemDirectoryA
SetLastError
MultiByteToWideChar
GetEnvironmentVariableA
lstrcpynA
InterlockedExchange
lstrcmpiA
lstrcmpA
SleepEx
CloseHandle
OpenProcess
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetCurrentProcessId
CreateFileA
GetLocalTime
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
LocalFree
FormatMessageA
HeapFree
lstrcpyA
lstrlenA
GetVersion
GetWindowsDirectoryA
HeapSize
GetProcessHeap
HeapAlloc
GetFullPathNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78a92c3f2a235340d84cb196b0948244

Headers

File Characteristics

Imports

shlwapi

psapi

msvcrt

oleaut32

ole32

advapi32

winmm

user32

rpcrt4

wininet

netapi32

version

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 23KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 23KB

.reloc
Size: 8KB - Virtual size: 6KB