bfeefaaba685239234110f27a0e9817e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bfeefaaba685239234110f27a0e9817e_JaffaCakes118
Size

381KB
MD5

bfeefaaba685239234110f27a0e9817e
SHA1

28adca1c5d12caa80bd027acb9151cd62bb34ce0
SHA256

ae149f4f945af0de550c3b013da95c9a6d6975d2719e7c679d765c57dfe118d3
SHA512

ef8762e3915e42b523f4281d06208cb647a4f8ca3dcabdb68bfacf7d92c5911fda2db5a8d1e92b3a2f826c189d3f047adbc4b51b8a42ab54c2d0e21667d9b563
SSDEEP

6144:xjwmXNaTeBQWM1jYdN++sQYgsvWCs9SoHGU2ZE41snGGxXhYMSYwzHY:xjwmXNaTeqWM9YD++sQYgsez9RHGU2Zs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfeefaaba685239234110f27a0e9817e_JaffaCakes118

Files

bfeefaaba685239234110f27a0e9817e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

6d65e4048512cf595b25ef1dbeeec462

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHGetValueW
SHDeleteValueW

ws2_32

getaddrinfo

kernel32

TlsAlloc
FlushFileBuffers
CreateFileA
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetSystemTime
CreateEventW
CloseHandle
lstrcmpiA
LoadLibraryW
FreeLibrary
VirtualQuery
VirtualProtect
VirtualAlloc
InterlockedCompareExchange
GetCurrentThreadId
ResumeThread
FlushInstructionCache
GetCurrentProcess
GetThreadContext
SetThreadContext
GetLastError
SuspendThread
GetCurrentThread
SetLastError
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetModuleHandleW
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapAlloc
GetModuleHandleA
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar

user32

OffsetRect
InflateRect
ClientToScreen
PeekMessageW
DispatchMessageW
TranslateMessage
SetWindowTextW
SetActiveWindow
IntersectRect

oleaut32

VariantCopy
SysAllocString
VariantChangeType
VariantClear
VarCmp
VariantInit
SysFreeString
SysStringLen

Exports

Exports

DllAction
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d65e4048512cf595b25ef1dbeeec462

Headers

File Characteristics

Imports

shlwapi

ws2_32

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 5KB - Virtual size: 27KB

.rsrc Size: 1024B - Virtual size: 844B

.reloc Size: 61KB - Virtual size: 61KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 5KB - Virtual size: 27KB

.rsrc
Size: 1024B - Virtual size: 844B

.reloc
Size: 61KB - Virtual size: 61KB