c1b1c9ee5b3edf45d880fe72dd853afe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1b1c9ee5b3edf45d880fe72dd853afe_JaffaCakes118
Size

124KB
MD5

c1b1c9ee5b3edf45d880fe72dd853afe
SHA1

9a0cc355c76c61cc1e2a09c797f98dc68d65122f
SHA256

1d548f3f947ec520b3a39f90518ecd3bb922b177dab9d484981b0e95ce26b024
SHA512

567af96c87300777afaf501074b32ce7ea337fddeec9711d68d09545189ba9e7ee438019cfde47650e12252ac8ee8a8f6cd993aa642c9454e63c8dc0378ff3b1
SSDEEP

3072:etPz5qrOdVTEndb85nucVwN5Hi1HaNTTQmObCSzhUxDMibN3BTev:IVFVTElWvwNZoHITQjbtaxDMibrT2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1b1c9ee5b3edf45d880fe72dd853afe_JaffaCakes118

Files

c1b1c9ee5b3edf45d880fe72dd853afe_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cc4f5eaeaa6d653d8f5a6f593522b187

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenFileMappingA
SetStdHandle
PostQueuedCompletionStatus
IsBadStringPtrW
HeapValidate
WriteProfileStringW
HeapSetInformation
FindFirstFileExW
GetTempFileNameW
FreeConsole
MoveFileW
LocalHandle
IsBadHugeReadPtr
ReadDirectoryChangesW
SetEnvironmentVariableA
WaitNamedPipeA
GetCommandLineW
lstrcpynA
RemoveDirectoryA
SwitchToThread
GetConsoleCP
SetEvent
FindNextVolumeMountPointW
SetConsoleTextAttribute
WriteConsoleW
GetSystemDefaultUILanguage
GetNumberFormatW
CreateMailslotW
SetInformationJobObject
VirtualAlloc
GetProfileIntA
GetCurrentProcess
GlobalHandle
DeleteTimerQueueEx
EnumSystemLocalesA
FindFirstVolumeW
ReadConsoleA
GetModuleHandleExW
GetLargestConsoleWindowSize
InterlockedExchangeAdd
GlobalMemoryStatusEx
IsWow64Process
SuspendThread
SetNamedPipeHandleState
IsValidCodePage
GetShortPathNameA
MultiByteToWideChar
lstrcpyA
GlobalGetAtomNameA
GetProfileStringW
GetDriveTypeA
OpenProcess
VerifyVersionInfoA
GetThreadPriority
ReadConsoleW
GetCurrentThread
GetLogicalDrives
GetCPInfo
CompareStringW
CompareStringA
GetBinaryTypeW
GetSystemInfo
ExpandEnvironmentStringsW
GetUserDefaultLangID
GetConsoleScreenBufferInfo
DosDateTimeToFileTime
FillConsoleOutputCharacterW
AreFileApisANSI
RtlUnwind
GetComputerNameExW
CreateSemaphoreA
TerminateJobObject
SetSystemTime
GetStringTypeExW
SetProcessShutdownParameters
UnregisterWait
GetNumberFormatA
GetEnvironmentStrings
GetFileInformationByHandle
ReadFileEx
SetProcessWorkingSetSize
SetFilePointer
SetCurrentDirectoryA
DuplicateHandle
SetConsoleCursorPosition
CreatePipe
GetTapeParameters
RaiseException
MoveFileExW
lstrcmpiA
GetProfileIntW
AssignProcessToJobObject
HeapCompact
RegisterWaitForSingleObject
GetCurrentThreadId
ConnectNamedPipe
ChangeTimerQueueTimer
GetCurrentDirectoryW
GetSystemTimeAdjustment
GetProfileStringA
GetUserDefaultUILanguage
VerLanguageNameW
HeapCreate
IsValidLocale
OpenJobObjectW
GetProcessVersion
WideCharToMultiByte
GetConsoleMode
GetProcessAffinityMask
FindResourceW
GetModuleHandleW
ReplaceFileW
ReleaseSemaphore
WaitForSingleObject
SetHandleInformation
ResumeThread
GetLogicalDriveStringsW
LocalUnlock
SetConsoleMode
CreateDirectoryW
CreateProcessW
GetAtomNameW
FindAtomW
GlobalReAlloc
CreateMailslotA
HeapFree
ExpandEnvironmentStringsA
InterlockedDecrement
UnmapViewOfFile
InterlockedExchange
EnterCriticalSection
CreateMutexA
VirtualQuery
GetSystemTimeAsFileTime
WriteFile
GetCurrentProcessId
LocalFree
GlobalAlloc
MapViewOfFile
GetProcAddress
Sleep
CreateFileMappingA
VirtualProtect
GetModuleFileNameA
HeapAlloc
DeleteFileA
LoadLibraryA
GlobalFindAtomA

user32

ShowWindowAsync
GetMenuDefaultItem
EnumThreadWindows
DrawTextA
CharNextA
CreateDialogParamW
MonitorFromWindow
GetActiveWindow
GetWindowLongW
OemToCharBuffA
CheckDlgButton
MessageBoxIndirectW
DrawTextExW
LoadCursorW
RedrawWindow
ShowWindow
DrawStateA
MapVirtualKeyExW
ToAscii
UpdateWindow
TranslateAcceleratorA
GetGUIThreadInfo
SetMenu
EndTask
ScrollWindow
GetClassInfoA
DefFrameProcW
GetCaretBlinkTime
GetScrollRange
DialogBoxParamW
DialogBoxParamA
ModifyMenuW
DispatchMessageW
DefMDIChildProcA
CreateAcceleratorTableW
GetWindowTextW
GetParent
CloseWindowStation
SetWindowWord
GetInputState
DestroyCaret
LoadStringW
CreateAcceleratorTableA
CreateDialogIndirectParamA
ShowCaret
SendDlgItemMessageW
WindowFromPoint
ReleaseCapture
CharUpperW
GetDlgItemTextW
OpenWindowStationW
UnregisterHotKey
IsCharAlphaA
TranslateMessage
SetCursor
CharUpperA
CharToOemA
RemovePropW
DrawIcon
ReleaseDC
LoadMenuW
IsZoomed
EndPaint
GetNextDlgTabItem
LoadImageA
EnableScrollBar
CreateCursor
IsChild
SetActiveWindow
DrawIconEx
GetIconInfo
SetMenuDefaultItem
wvsprintfW
GetMenuItemInfoA
IntersectRect
ShowOwnedPopups
GetMessageExtraInfo
FindWindowW
SetCursorPos
LoadAcceleratorsA
GetSubMenu
DialogBoxIndirectParamW
EnumDisplaySettingsA
FindWindowExW
BeginPaint
CharLowerBuffW
ChangeDisplaySettingsW
GetMessagePos
WindowFromDC
RemoveMenu
EnumDesktopsW
CharToOemW
MsgWaitForMultipleObjects
PostQuitMessage
DefDlgProcA
ValidateRect
GetClassLongA
GetClassInfoExW
GetDlgCtrlID
OpenInputDesktop
GetDC
EqualRect
FreeDDElParam
LoadMenuA
RegisterHotKey
LoadBitmapA
SetWindowsHookExA
SetWindowLongA
DefWindowProcA
GetWindowLongA
GetWindowThreadProcessId
DispatchMessageA
GetClassNameA
RegisterClassExA
FindWindowA
PeekMessageA
SendMessageA
GetClientRect
CreateWindowExA
CallNextHookEx

advapi32

RegSetValueExA
ConvertSidToStringSidA
RegQueryValueExA
RegCreateKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegQueryInfoKeyA
ImpersonateSelf
RegCreateKeyA
RegQueryValueExW
RegSaveKeyW
EnumDependentServicesW
OpenProcessToken
RegOpenKeyA
RegisterEventSourceW
RegDeleteKeyW
RevertToSelf
StartServiceCtrlDispatcherW
RegEnumValueW
QueryServiceLockStatusW
MapGenericMask
QueryServiceLockStatusA
RegCreateKeyExW
CreateProcessWithLogonW
GetEffectiveRightsFromAclW
RegDeleteKeyA
RegOpenCurrentUser
ControlService
OpenThreadToken
GetTokenInformation
SetEntriesInAclW
EnumServicesStatusW
RegRestoreKeyA
GetOldestEventLogRecord
DeregisterEventSource
ChangeServiceConfig2W
ImpersonateAnonymousToken
RegFlushKey
ReportEventW
RegConnectRegistryA
RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc4f5eaeaa6d653d8f5a6f593522b187

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB