b268f8cd3a737568c7a6ef77fd3e89a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b268f8cd3a737568c7a6ef77fd3e89a6_JaffaCakes118
Size

2.1MB
MD5

b268f8cd3a737568c7a6ef77fd3e89a6
SHA1

154b8f36e0574701380c78aaee0f6f602d781140
SHA256

72b90f3c9374e1d3fd948b769ba04662903a731a150af1ef17a96a9561779970
SHA512

830f646c97cd62c220495a4adcc2808313e7285b1972e9dbbb1a384ef602ad965a0a4a6cf8b24882fe7d7904d1b8ce485c92c9d3cfe32664928cf77be35f9de4
SSDEEP

49152:U1o/UuHEwEOJuPnWqtmUFvwAFi1gxLLKSf7ZtZ7dL9tU7EbzjiTbyl3:U193JjnbtlFw11gxLLKSf7ZtZpL9tU78

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b268f8cd3a737568c7a6ef77fd3e89a6_JaffaCakes118

Files

b268f8cd3a737568c7a6ef77fd3e89a6_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3381c6baa46644ae299951d0bb131dae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nspr4

PR_AtomicDecrement
PR_AtomicIncrement

xpcom

NS_GetServiceManager
NS_Alloc
NS_Free
NS_CStringContainerFinish
NS_CStringSetData
NS_GetComponentManager
NS_StringContainerFinish
NS_StringContainerInit2
NS_StringContainerInit
NS_CStringGetData
NS_StringGetData
NS_CStringContainerInit

kernel32

SetEndOfFile
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
ExitThread
PurgeComm
GetVersion
SetFilePointerEx
ClearCommError
SetTapePosition
WriteFileGather
LoadLibraryW
SetCommMask
CommConfigDialogW
BeginUpdateResourceW
GetFileType
GetCurrentProcess
GetTempFileNameW
GetShortPathNameA
GetProcessAffinityMask
GetDiskFreeSpaceExW
ResumeThread
HeapSetInformation
GetProcessVersion
GetProcAddress
LoadLibraryA
GetSystemDirectoryW
LoadModule
EnterCriticalSection
GetPrivateProfileStructW
PrepareTape
SetTimeZoneInformation
HeapCompact
DeleteAtom
GetLogicalDriveStringsA
CreateMutexW
SetProcessShutdownParameters
GetProfileSectionW
GetWindowsDirectoryW
SetFileAttributesW
WriteProfileSectionW
FlushFileBuffers
AddAtomW
GetEnvironmentStringsW
InterlockedCompareExchange
GetTapeParameters
IsBadHugeReadPtr
FindNextFileW
DebugBreakProcess
WritePrivateProfileStructA
GetFileSizeEx
CreateSemaphoreA
GetLocalTime
GetNumaNodeProcessorMask
GetLogicalDriveStringsW
BuildCommDCBA
SetThreadPriorityBoost
SetEvent
GetFileAttributesExW
GetCommConfig
HeapWalk
GetPrivateProfileSectionW
FindFirstFileA
GetTempPathA
CloseHandle
WaitCommEvent
GetStdHandle
GetThreadTimes
FreeResource
DisconnectNamedPipe
SetComputerNameW
WaitForMultipleObjects
GetProfileStringW
GetSystemWindowsDirectoryW
GetModuleFileNameW
GetLastError
GetDiskFreeSpaceExA
CreateEventW
CreateFileMappingA
GetSystemDirectoryA
FileTimeToLocalFileTime
MoveFileA
LocalSize
GetDriveTypeW
SetFileShortNameA
EnumResourceNamesW
CreateFileW
GetFileAttributesW
LocalCompact
GetCommandLineW
GetSystemTimeAdjustment
OpenEventW
OpenMutexW
FindAtomW
EraseTape
GetStartupInfoA
GetCompressedFileSizeW
FindResourceExA
GetLongPathNameA
GetPrivateProfileStringW
SetThreadPriority
CreateDirectoryExW
WritePrivateProfileStringW
GlobalFlags
FindClose
lstrcmpiW
TlsFree
DebugSetProcessKillOnExit
FlushInstructionCache
GetCurrentDirectoryA
GetModuleHandleA
VirtualProtectEx
SearchPathA
IsBadReadPtr
GetStartupInfoW
GetBinaryTypeA
CallNamedPipeW
DeleteCriticalSection
GetCommandLineA
EndUpdateResourceW
GetDefaultCommConfigA
IsBadStringPtrW
SetFileShortNameW
GetVersionExA
GetNamedPipeHandleStateW
SetLocalTime
GetPriorityClass
DosDateTimeToFileTime
GetProcessIoCounters
IsBadWritePtr
GetProcessShutdownParameters
WriteProcessMemory
GetDefaultCommConfigW
SetEnvironmentVariableW
OpenFile
RequestWakeupLatency
OutputDebugStringA
GlobalHandle
GetThreadSelectorEntry
DefineDosDeviceW
GetNumaAvailableMemoryNode
WriteTapemark
FindAtomA
LocalReAlloc
FindFirstChangeNotificationA
CallNamedPipeA
GlobalFindAtomW
FormatMessageW
GetCurrentThread
HeapValidate
GetFullPathNameW
UnlockFileEx
SystemTimeToTzSpecificLocalTime
GetPrivateProfileIntW
GetAtomNameA
lstrcmpiA
FileTimeToDosDateTime
SetMessageWaitingIndicator
EscapeCommFunction
GlobalDeleteAtom
VirtualFree
EnumResourceLanguagesW
HeapAlloc
DuplicateHandle
DisableThreadLibraryCalls
CreateThread
CreateRemoteThread
ResetWriteWatch
lstrcatW
LocalFree
UpdateResourceW
DebugBreak
GlobalFix
FlushViewOfFile
lstrcpyW
FileTimeToSystemTime
TerminateProcess
FindResourceExW
GetTempFileNameA
ExpandEnvironmentStringsW
FreeLibraryAndExitThread
GetExitCodeThread
GetCommState
OpenSemaphoreA
GetVolumeInformationW
GlobalUnfix
ReadFileEx
MoveFileW
SetErrorMode
GetWriteWatch
CopyFileA
GetPrivateProfileStructA
ExpandEnvironmentStringsA
SetThreadAffinityMask
GetTimeZoneInformation
WinExec
lstrcpyA
InterlockedDecrement
WritePrivateProfileSectionW
IsProcessorFeaturePresent
GetPrivateProfileSectionNamesA
lstrcmpA
GlobalWire
CreateEventA
Sleep
SetDefaultCommConfigW
GlobalGetAtomNameW
GetNamedPipeInfo
GetSystemPowerStatus
SetThreadExecutionState
QueryDosDeviceW
SetCommTimeouts
BackupRead
UpdateResourceA
GetThreadPriority
GlobalMemoryStatus
FindResourceA
GetFirmwareEnvironmentVariableA
SetFirmwareEnvironmentVariableA
IsBadCodePtr
WriteFileEx
BeginUpdateResourceA
UnlockFile
EndUpdateResourceA
CompareStringW
CompareStringA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
GetDiskFreeSpaceA
GetPrivateProfileSectionA
GetExitCodeProcess
GetBinaryTypeW
FatalAppExitW
FormatMessageA
GetFileTime
GetNumaProcessorNode
GetFirmwareEnvironmentVariableW
GetThreadPriorityBoost
WideCharToMultiByte
LocalHandle
MultiByteToWideChar
GetModuleHandleW
SetCurrentDirectoryA
CancelIo
OpenSemaphoreW
GetSystemWindowsDirectoryA
SetProcessAffinityMask
MoveFileExW
GetComputerNameW
FreeEnvironmentStringsA
GetHandleInformation
GetProfileSectionA
GetVersionExW
SetVolumeLabelW
DeleteFileW
GetCurrentDirectoryW
MoveFileExA
WaitForSingleObjectEx
GetCompressedFileSizeA
HeapQueryInformation
MapViewOfFile
LockFile
SetPriorityClass
GetCommProperties
VirtualAllocEx
InterlockedIncrement
EnumResourceTypesA
GetUserDefaultLCID
WritePrivateProfileSectionA
FindResourceW
DeviceIoControl
SetLastError
IsSystemResumeAutomatic
GetVolumeInformationA
GlobalGetAtomNameA
InitAtomTable
OpenMutexA
CreateSemaphoreW
CommConfigDialogA
GlobalFindAtomA
CreateIoCompletionPort
WriteProfileStringW
GetTempPathW
OpenFileMappingA
GetThreadContext
OpenFileMappingW
FatalAppExitA
GetOverlappedResult
GetLongPathNameW
InterlockedExchange
Beep
GetDiskFreeSpaceW
CreateMailslotA
GetEnvironmentVariableA
CreateMailslotW
GetDriveTypeA
GetSystemTime
AddAtomA
FindCloseChangeNotification
BackupWrite
ConnectNamedPipe
ClearCommBreak
SearchPathW
GetCurrentThreadId
EnumResourceTypesW
TransactNamedPipe
PeekNamedPipe
SetComputerNameA
SetFileAttributesA
FatalExit
GetTapePosition
DebugActiveProcess
GetAtomNameW
GetModuleFileNameA
VirtualFreeEx
GetProfileIntW
LeaveCriticalSection
GlobalSize
GetNamedPipeHandleStateA
OpenThread
ExitProcess
GetEnvironmentVariableW
MulDiv
BuildCommDCBW
ReadFileScatter
HeapReAlloc
BuildCommDCBAndTimeoutsA
GetWindowsDirectoryA
GetPrivateProfileSectionNamesW
PulseEvent
FindFirstFileW
BuildCommDCBAndTimeoutsW
ReadProcessMemory
GetFullPathNameA
VerifyVersionInfoW
GlobalLock
TzSpecificLocalTimeToSystemTime
HeapLock
GlobalMemoryStatusEx
lstrcmpW
LocalFlags
WaitNamedPipeW
LocalLock
QueryPerformanceFrequency
SetupComm
IsBadHugeWritePtr
RaiseException
ReadFile
SetUnhandledExceptionFilter
CreateDirectoryExA
WriteProfileStringA
IsBadStringPtrA
SetFilePointer
GlobalReAlloc
GetTapeStatus
CreateMutexA
GlobalAlloc
CreateNamedPipeW
CreateFileMappingW
SetFirmwareEnvironmentVariableW
OutputDebugStringW
lstrcatA
lstrlenW
TlsSetValue
GetQueuedCompletionStatus
LocalShrink
SetCurrentDirectoryW
GetFileInformationByHandle
WaitForDebugEvent
SystemTimeToFileTime
SetFileApisToANSI
HeapCreate
OpenProcess
AreFileApisANSI
TerminateThread
BackupSeek
SetTapeParameters
GetProfileStringA
FindFirstChangeNotificationW
GetFileSize
GetCommTimeouts
GetComputerNameA
GlobalAddAtomA
SetVolumeLabelA
lstrcpynA
CopyFileW
GetCurrentProcessId
CreateProcessW
ReleaseMutex
SetHandleInformation
HeapFree
SetCommState
DebugActiveProcessStop
SetEnvironmentVariableA
LockResource
ContinueDebugEvent
SleepEx
SetProcessWorkingSetSize
VirtualLock
GetCommMask
WriteProfileSectionA
WritePrivateProfileStringA
GlobalCompact
GetShortPathNameW
MapViewOfFileEx
DefineDosDeviceA
GetMailslotInfo
VirtualProtect
GetSystemTimeAsFileTime
CreateDirectoryW
lstrcpynW
LocalFileTimeToFileTime
GetCommModemStatus
GetProcessId
SetFileTime
CreateNamedPipeA
OpenEventA
GetFileAttributesExA
SetStdHandle
GetProfileIntA
SetThreadContext
CreateFileA
LocalUnlock
TransmitCommChar
lstrlenA
VerifyVersionInfoA
VirtualUnlock
FindNextFileA
ProcessIdToSessionId
RemoveDirectoryA
SetDefaultCommConfigA
FindNextChangeNotification
GlobalUnlock
WaitForSingleObject
HeapUnlock
RequestDeviceWakeup
WaitForMultipleObjectsEx
GetPrivateProfileIntA
SetHandleCount
GlobalAddAtomW
CreateTapePartition
FreeEnvironmentStringsW
EnumResourceLanguagesA
CreatePipe
EnumResourceNamesA
GetNumaHighestNodeNumber
CreateDirectoryA
GetProcessPriorityBoost
RemoveDirectoryW
GetProcessTimes
SuspendThread
GlobalUnWire
SetSystemPowerState
DeleteFileA
GetTickCount
LocalAlloc
GetFileAttributesA
QueryDosDeviceA
LoadResource
HeapSize
FreeLibrary
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
TlsGetValue
TlsAlloc
WriteFile
GetEnvironmentStrings
HeapDestroy
QueryPerformanceCounter
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
GetStringTypeA
WriteConsoleA

user32

GetClassNameW
RealGetWindowClassW
SetWindowLongW
ShowWindow
CharLowerW
EnumChildWindows
CharUpperW
GetClassNameA
SetWindowPos
SetWindowTextW
SystemParametersInfoW
MoveWindow
CallWindowProcW
GetWindowRect
SendMessageW
IsWindow
IsWindowVisible
RealGetWindowClassA

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

Exports

Exports

NSGetModule

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3381c6baa46644ae299951d0bb131dae

Headers

DLL Characteristics

File Characteristics

Imports

nspr4

xpcom

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 16KB - Virtual size: 45KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 205KB - Virtual size: 205KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 16KB - Virtual size: 45KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 205KB - Virtual size: 205KB