ba83e6fe4ff6e4512e331ef2fdffbed2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba83e6fe4ff6e4512e331ef2fdffbed2_JaffaCakes118
Size

100KB
MD5

ba83e6fe4ff6e4512e331ef2fdffbed2
SHA1

1a3c7cc31baa6ea2c046c264b579ca263682be80
SHA256

1df7b988ec41b01b477f3eea1e9de4d8dfdf7fa570b7984da9e6d490344021ce
SHA512

d0027d51388e2d8a3a380bf04e78c9aa9ef5a9269001570b8f6a3b62ceb1bb96d4d1a6950d7080024320e40cb957da04e2f302687006e27d2105d562a38fcea0
SSDEEP

1536:0msCrN/6AVdxvhDS2n0QbeXO+K6xgqu56mcWFF3AE0BnLSwrhpqKAf3qquZP2:0msCdHdLS2dbUOOxgGk0BLvrhzuRH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba83e6fe4ff6e4512e331ef2fdffbed2_JaffaCakes118

Files

ba83e6fe4ff6e4512e331ef2fdffbed2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a42139500837c47f414c64eb0fc59493

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetAtomNameA
SetFileAttributesA
FindAtomW
GetProfileIntW
MultiByteToWideChar
GetLargestConsoleWindowSize
FormatMessageW
MoveFileExW
SetConsoleTitleA
OpenSemaphoreW
SetHandleCount
CreateSemaphoreA
FindVolumeMountPointClose
UnregisterWaitEx
GlobalMemoryStatusEx
GetConsoleScreenBufferInfo
MoveFileExA
AreFileApisANSI
PostQueuedCompletionStatus
FreeEnvironmentStringsW
LoadResource
VirtualFree
CallNamedPipeA
SetComputerNameExW
FillConsoleOutputCharacterW
FindFirstVolumeW
HeapSetInformation
GetUserDefaultUILanguage
GetWindowsDirectoryA
CompareFileTime
GetAtomNameW
SetNamedPipeHandleState
GetComputerNameW
CreateFileA
FindFirstChangeNotificationW
SetStdHandle
IsBadHugeReadPtr
SetTimeZoneInformation
LocalUnlock
GetStdHandle
FindFirstVolumeMountPointW
ProcessIdToSessionId
CreateFileMappingA
FindResourceExA
SetEvent
CreateMailslotW
SetVolumeMountPointW
SetComputerNameA
CreateIoCompletionPort
GetThreadContext
ConvertDefaultLocale
ExitThread
GetLocalTime
SetConsoleCursorPosition
ReadConsoleA
SetCurrentDirectoryA
GetBinaryTypeA
AddAtomA
VirtualAlloc
FindNextVolumeW
HeapCompact
GetModuleFileNameW
CreateMutexW
UpdateResourceA
SetEnvironmentVariableA
WaitNamedPipeA
ReleaseSemaphore
ResetEvent
lstrcatA
WinExec
IsBadReadPtr
ReadConsoleInputW
HeapFree
ReadFile
CopyFileA
EnterCriticalSection
InterlockedIncrement
GetTickCount
VirtualProtect
GlobalAlloc
GetComputerNameA
WriteFile
GetProcAddress
CloseHandle
GetModuleFileNameA
GetLastError
VirtualQuery
InitializeCriticalSection
ExpandEnvironmentStringsA
HeapAlloc
GetModuleHandleA
LoadLibraryA
InterlockedDecrement
CreateProcessA
LeaveCriticalSection
WideCharToMultiByte

ole32

OleRegGetUserType
OleCreateLinkToFile
CreateDataAdviseHolder
CoImpersonateClient
CreateGenericComposite
CreateBindCtx
StringFromIID
CoCreateFreeThreadedMarshaler
StgCreateDocfileOnILockBytes
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CLSIDFromString
OleCreate

shlwapi

PathRenameExtensionW
wvnsprintfW
PathCompactPathW
PathFileExistsA
UrlEscapeW
StrCatW
PathAddExtensionW
PathCreateFromUrlW
SHRegGetUSValueW
PathIsUNCW
PathIsDirectoryW
StrChrIW
StrRetToBufW
SHDeleteKeyW
PathIsFileSpecW
PathFileExistsW
StrCatBuffA
UrlCreateFromPathW
StrCmpNW
StrCpyW
SHGetValueW
PathGetCharTypeA
PathRemoveExtensionW
StrStrIA
UrlUnescapeW
StrCmpNIW
SHDeleteKeyA

advapi32

RegDeleteValueW
LookupAccountNameA
RegCreateKeyExA
ConvertSidToStringSidA
RegOpenKeyExA
RegSetValueExA
QueryServiceLockStatusA
UnlockServiceDatabase
RegQueryValueA
RegisterServiceCtrlHandlerW
EnumServicesStatusW
SetTokenInformation
QueryServiceConfigW
OpenEventLogA
RegNotifyChangeKeyValue
CloseEventLog
QueryServiceStatus
RegQueryInfoKeyA
OpenServiceA
ReportEventA
GetServiceKeyNameW
RegDeleteKeyW
RegCreateKeyExW
GetServiceDisplayNameW
ChangeServiceConfig2W
RegOpenKeyExW
ReadEventLogA

shell32

SHFileOperationA
SHGetSpecialFolderPathW
SHBindToParent
SHCreateShellItem
DragFinish
ShellExecuteExA
SHGetFolderPathA

gdi32

EnumMetaFile
CloseFigure
CreateICA
ScaleWindowExtEx
GetDIBits
CloseMetaFile
SetAbortProc
GetCharABCWidthsA
CreateRectRgn
CreateRectRgnIndirect
CreateMetaFileW
GetTextFaceW
GetMetaFileBitsEx
CreateFontW
IntersectClipRect
InvertRgn
SetMiterLimit
SetMagicColors
GetDCOrgEx
RemoveFontResourceW
GetMapMode
AddFontResourceA
SetDCBrushColor
CreateEnhMetaFileA
SetDIBColorTable
GetWindowOrgEx
CreatePen
ResizePalette
EndPath
GetGlyphOutlineA
GetObjectType
SetGraphicsMode
GetKerningPairsA
CreatePatternBrush
PolyBezier
GetViewportExtEx
SetMetaFileBitsEx
GetTextCharset
SetTextCharacterExtra
CreateCompatibleBitmap
GetCharWidth32W
CreateHalftonePalette
GetGraphicsMode
GetCharABCWidthsW
AnimatePalette
EnumFontFamiliesW
GetTextExtentPointW
SetMapMode
TranslateCharsetInfo
GetTextCharacterExtra

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a42139500837c47f414c64eb0fc59493

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB