b300da007fce384936e5ab259573ca21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b300da007fce384936e5ab259573ca21_JaffaCakes118
Size

200KB
MD5

b300da007fce384936e5ab259573ca21
SHA1

6f818873e52595dd766fd990c8b6f7442cd1bf84
SHA256

c1e2619624d782dfd62ff2b59ceea725fc961a2506b16d54c9d0e4f36261c340
SHA512

8d058df272dd999c2384ce9c631ac73721a1941e0ef5945ac4294ca9194b362dd5fd6f7dd88f1253f11566f6ae73e3174679b59be9f60f147882755277b94063
SSDEEP

3072:iNZCE06X0vRMYgwpbyo6Q9ZRvQu5eqqFUGTbJouHJMrQGzlPhoV6X:i+6X0vR3pbD9DQnjbHJM7n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b300da007fce384936e5ab259573ca21_JaffaCakes118

Files

b300da007fce384936e5ab259573ca21_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7151c264a0236d1d851ae9b27f5e5478

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile
InternetGetCookieA
InternetSetCookieA
InternetCrackUrlA
InternetCloseHandle
InternetSetStatusCallback
InternetGetConnectedState
HttpQueryInfoA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

SHDeleteEmptyKeyA
SHDeleteValueA
SHDeleteKeyA
SHSetValueA
SHGetValueA

kernel32

CloseHandle
GetTickCount
GetTempFileNameA
GetTempPathA
LockResource
SizeofResource
LoadResource
FindResourceA
GetVersionExA
GetWindowsDirectoryA
GetEnvironmentVariableA
GetModuleHandleA
WideCharToMultiByte
FindClose
lstrcpyA
SetEvent
WaitForSingleObject
Sleep
WaitForMultipleObjects
ResetEvent
CreateEventA
DeviceIoControl
CreateFileA
CopyFileA
DeleteFileA
MoveFileExA
GetLastError
RemoveDirectoryA
FindNextFileA
CreateDirectoryA
LoadLibraryExA
SetErrorMode
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
CreateMutexA
GetSystemTime
TerminateThread
CreateProcessA
GetSystemDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcatA
lstrcpyW
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
LoadLibraryA
FreeLibrary
GetProcAddress
GetShortPathNameA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrlenW
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
lstrlenA
MultiByteToWideChar
LocalFree
FindFirstFileA

user32

FindWindowExA
GetPropA
SetPropA
wsprintfA
GetClassNameA
CreateWindowExA
GetDlgItem
DestroyWindow
InvalidateRect
GetParent
GetDesktopWindow
MapWindowPoints
RemovePropA
GetSysColorBrush
UpdateWindow
ShowWindow
LoadImageA
SetRect
CharNextA
CharUpperA
CharLowerA
DrawEdge
MessageBoxA
FillRect
GetFocus
KillTimer
TrackPopupMenu
GetWindow
RegisterWindowMessageA
GetClassInfoExA
RegisterClassExA
SetTimer
GetKeyState
TranslateMessage
DispatchMessageA
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetClientRect
CopyRect
InflateRect
BeginPaint
EndPaint
GetSysColor
DrawTextA
IsWindow
GetWindowRect
SetWindowPos
RedrawWindow
GetSystemMetrics
PtInRect
ReleaseCapture
GetDC
ReleaseDC
SetCapture
GetCursorPos
ScreenToClient
LoadCursorA
SetCursor
SetWindowTextA
PostMessageA
SendMessageA
DefWindowProcA
CheckMenuRadioItem
LoadStringA
GetSubMenu
LoadMenuA
InsertMenuA
DestroyMenu
GetWindowTextA
CreatePopupMenu
SetForegroundWindow
SendMessageTimeoutA
GetWindowModuleFileNameA
EnumWindows
GetForegroundWindow
LoadBitmapA

gdi32

CreateBitmap
SetBkColor
CreateFontIndirectA
GetTextExtentPoint32A
GetObjectA
DeleteObject
Rectangle
SetBkMode
SetTextColor
CreateSolidBrush
SelectObject
CreatePen
GetStockObject
SelectClipRgn
CombineRgn
CreateRectRgn
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegFlushKey
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA

shell32

ShellExecuteExA
ShellExecuteA

ole32

OleInitialize
OleUninitialize
CLSIDFromString
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc
CoUninitialize

oleaut32

LoadTypeLi
RegisterTypeLi
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
VariantInit
LoadRegTypeLi
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString

comctl32

ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create

urlmon

URLDownloadToCacheFileA
URLDownloadToFileA

msvcrt

strlen
memset
_snprintf
strcmp
strncmp
??3@YAXPAX@Z
__CxxFrameHandler
tolower
strftime
localtime
??2@YAPAXI@Z
memcpy
memcmp
strcpy
strstr
strcat
atoi
strncpy
_strnicmp
fgets
rewind
toupper
ftell
strtok
_purecall
_mbspbrk
sscanf
_itoa
atol
free
malloc
strrchr
time
realloc
_mbscmp
fclose
fprintf
fseek
fopen
_beginthreadex
strchr
_except_handler3
fwrite
_mbsstr
sprintf
_CxxThrowException
?terminate@@YAXXZ
__dllonexit
isalnum
abs
_ftol
_mbsnbcpy
_mbsnbcmp
_strlwr
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
strncat
memmove
wcscpy
iswalnum
wcschr
_snwprintf
wcslen
wcscat
_stricmp
_wcsnicmp
_wcsicmp

setupapi

SetupIterateCabinetA

netapi32

Netbios

Exports

Exports

CheckIntegrity
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RunSettings

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7151c264a0236d1d851ae9b27f5e5478

Headers

File Characteristics

Imports

wininet

version

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

urlmon

msvcrt

setupapi

netapi32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 48KB - Virtual size: 46KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 48KB - Virtual size: 46KB

.reloc
Size: 12KB - Virtual size: 11KB