bfe3619240002d943bd29c0b2100e1c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bfe3619240002d943bd29c0b2100e1c2_JaffaCakes118
Size

300KB
MD5

bfe3619240002d943bd29c0b2100e1c2
SHA1

b204d85768d6d6d1c1a26fb888c4e057925d7a18
SHA256

c82ff69941773eb2e0c72e28a6efc2f8e6d5d95a4a2289a44192ddf9b3687728
SHA512

284d2b09a9c573eefb770f38ce99873abeff1714b524c200e89b0a5cceefdb048c998c6a58df80829101c01eeb34631fa12ae4bd61f2076503f39ef36be41b01
SSDEEP

6144:3lohJ0/EIKjFP3NH1yft+RtleoMZB/kIppUcqGQRYGh:3loo/EI4ZUft+v4ouWupyJh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfe3619240002d943bd29c0b2100e1c2_JaffaCakes118

Files

bfe3619240002d943bd29c0b2100e1c2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

169cd9d9009f8d65d79dfb092f497d9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RemoveDirectoryA
CloseHandle
CreateFileA
ReadFile
WriteFile
GetFileTime
SetFileTime
GetFileAttributesA
MoveFileA
GetFileSize
InitializeCriticalSection
DeleteCriticalSection
lstrcmpA
GetModuleFileNameA
GetCurrentProcessId
GetTempPathA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
GetLastError
ResetEvent
WaitForSingleObject
SetEvent
ReleaseMutex
CreateEventA
DebugBreak
HeapAlloc
GetTickCount
HeapReAlloc
HeapFree
lstrlenW
CreateThread
GetVersionExA
CreateDirectoryA
SetLastError
GetSystemDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetDriveTypeA
lstrcpynA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
CompareStringA
GetSystemTimeAsFileTime
LockResource
LoadResource
SizeofResource
FindResourceA
GetTempFileNameA
SetThreadPriority
GetCurrentThread
OpenFile
CopyFileA
SetFileAttributesA
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
lstrcpyA
lstrcatA
lstrlenA
GetProcessHeap
WideCharToMultiByte

user32

ReleaseCapture
CopyRect
SetFocus
ShowWindow
GetParent
SetRectEmpty
GetClientRect
GetSystemMetrics
SetActiveWindow
InflateRect
EnableMenuItem
GetSystemMenu
KillTimer
SetTimer
PtInRect
GetWindowRect
GetCursorPos
GetForegroundWindow
GetWindow
SetRect
GetFocus
IntersectRect
MapWindowPoints
EqualRect
IsWindowVisible
ReleaseDC
GetDC
BringWindowToTop
IsRectEmpty
EnableWindow
GetWindowThreadProcessId
AppendMenuW
ModifyMenuW
DispatchMessageA
TranslateMessage
GetMessageA
MsgWaitForMultipleObjects
PeekMessageA
TrackPopupMenuEx
RemoveMenu
CreatePopupMenu
ModifyMenuA
AppendMenuA
GetMenuItemCount
GetKeyboardType
GetUpdateRect
BeginPaint
EndPaint
SetWindowPos
PostMessageA
wsprintfA
SystemParametersInfoA
DefWindowProcA
SetWindowLongA
GetWindowLongA
CreateWindowExA
RegisterClassA
LoadCursorA
GetClassInfoA
UnregisterClassA
DestroyWindow
IsWindow
SendMessageA
DestroyMenu

gdi32

GetPixel

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CreateOleAdviseHolder
CoDisconnectObject
CoCreateInstance
StringFromGUID2

oleaut32

LoadTypeLi
LoadRegTypeLi
SysFreeString
VariantClear
SysAllocString
VariantInit
SysAllocStringByteLen
SysStringLen
DispGetIDsOfNames
DispInvoke
VariantCopy
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

169cd9d9009f8d65d79dfb092f497d9f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 180KB - Virtual size: 180KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 180KB - Virtual size: 180KB