b5c300c424c9b50c7ad786515a982abb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5c300c424c9b50c7ad786515a982abb_JaffaCakes118
Size

261KB
MD5

b5c300c424c9b50c7ad786515a982abb
SHA1

a31faa694201111f27eb050816f8b262f4820fa9
SHA256

71ec50ee52b7cfc55d65e1d4f6399b2e51af12dbae7eefa1c2301b025d8184c7
SHA512

cc51dca0357f1dc7333799fcf4d42819de5d143dd2f88b3d414b45900bb666427b01bb5e7e12702b28ec4cdb1e410cbce72f216ef469c957054e419aed91db43
SSDEEP

6144:cDJ4yk23t1BbHhkNEvFw7bnOaIaWjoWzYAOxjpF:cDJ4Fehk37bnjImwYAOxjpF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5c300c424c9b50c7ad786515a982abb_JaffaCakes118

Files

b5c300c424c9b50c7ad786515a982abb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

41a1e926dd767ba74a2a824a08b86c86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\projects\pc connectivity solution\pccs 3.4\source files\pc connectivity api\lcifapi solution\lcifapi\win32\release\PCCS_LCIFAPI.pdb

Imports

kernel32

EnterCriticalSection
HeapAlloc
ResetEvent
ExitThread
GetCurrentThreadId
CloseHandle
HeapFree
CreateThread
HeapSize
WaitForSingleObject
TerminateThread
lstrlenA
SetEvent
InitializeCriticalSection
DeleteCriticalSection
CreateEventA
GetProcessHeap
LoadLibraryA
GetProcAddress
FreeLibrary
WaitForMultipleObjects
OpenEventA
GetModuleFileNameA
WideCharToMultiByte
lstrlenW
Sleep
LeaveCriticalSection
HeapValidate
IsBadCodePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
GetCommandLineA
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
ExitProcess
GetCPInfo
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime

advapi32

RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

ole32

CoWaitForMultipleHandles
CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysFreeString
VarBstrCmp
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
VariantClear
SafeArrayCreate
VariantInit
SysStringLen
SysAllocStringByteLen
SysAllocString
SysStringByteLen

Exports

Exports

DllRegisterServer
DllUnregisterServer
LCIFAPI_CloseHandle
LCIFAPI_FreeMessage
LCIFAPI_GetAPIVersion
LCIFAPI_Initialize
LCIFAPI_OpenHandle
LCIFAPI_QueryServiceSupport
LCIFAPI_RegisterNotification
LCIFAPI_RegisterNotificationCB
LCIFAPI_RegisterNotificationIF
LCIFAPI_SendMessage
LCIFAPI_Terminate

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

41a1e926dd767ba74a2a824a08b86c86

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 11KB

.text Size: 113KB - Virtual size: 116KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 113KB - Virtual size: 116KB