c1194e651a63cbaaba16b142028e1dfc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1194e651a63cbaaba16b142028e1dfc_JaffaCakes118
Size

100KB
MD5

c1194e651a63cbaaba16b142028e1dfc
SHA1

24ee317c8910115c001aa65a481c09914761fb96
SHA256

cb00808c72a916fefcfc2625b5aeddc345de9306576b759418782ff97034fc0e
SHA512

c14af0b43433d7dead76df876b1a4e49a5cd15df8d38402b6fcfa8e509e46b3261fc9a9abf0e14c857264da0b6c990ae98691150ac4affb34273c9c6de42920e
SSDEEP

3072:TcCbkxdL75L15qJ4xXrbqEtNf7bsK1LJvpVaU5:Tet/511r+4NnfVwU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1194e651a63cbaaba16b142028e1dfc_JaffaCakes118

Files

c1194e651a63cbaaba16b142028e1dfc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

71cbb4a2bf140876a587757a5721b135

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadHugeWritePtr
GetAtomNameW
GetTempFileNameA
DeleteCriticalSection
CompareFileTime
GetFileAttributesA
GetThreadContext
RegisterWaitForSingleObjectEx
UnmapViewOfFile
CreateToolhelp32Snapshot
RtlUnwind
TransactNamedPipe
GetDriveTypeW
GetCurrentDirectoryA
WaitForSingleObjectEx
SetFilePointer
AddAtomW
CreateEventA
GetVersionExA
GetConsoleOutputCP
SetLocalTime
WriteProfileStringW
HeapLock
GetCPInfo
GetVersion
GetVolumePathNameW
EnumUILanguagesW
VerifyVersionInfoW
SetConsoleMode
SetFileTime
FillConsoleOutputCharacterW
GetThreadTimes
CreateWaitableTimerA
UnregisterWait
DeviceIoControl
GetCurrentProcess
LocalFlags
SetTimeZoneInformation
LocalLock
LocalAlloc
SwitchToThread
SetInformationJobObject
TerminateProcess
SetStdHandle
OpenMutexA
GetStringTypeExW
UnregisterWaitEx
GetModuleHandleW
GetStringTypeA
GlobalAlloc
GetShortPathNameW
SetVolumeLabelW
GetVolumePathNamesForVolumeNameW
FindVolumeClose
FindNextFileW
SetConsoleScreenBufferSize
lstrcmpiA
GetConsoleMode
RtlMoveMemory
SetFilePointerEx
LCMapStringA
SleepEx
FindClose
AddAtomA
GetUserDefaultLCID
GetEnvironmentVariableW
SetNamedPipeHandleState
GetVersionExW
GetTimeZoneInformation
GetModuleHandleExW
GetProfileSectionA
GetHandleInformation
GetCurrentThread
OpenFile
WriteConsoleInputA
DosDateTimeToFileTime
GetExitCodeProcess
OpenSemaphoreW
FillConsoleOutputAttribute
SetEnvironmentVariableW
WriteFileEx
WaitForMultipleObjectsEx
HeapCreate
GetSystemDirectoryA
MoveFileExA
EnumSystemLocalesA
CopyFileW
FindFirstVolumeMountPointW
WriteProcessMemory
IsWow64Process
GetThreadLocale
TerminateThread
GetSystemInfo
CreateNamedPipeA
GetCurrentProcessId
LoadLibraryA
CloseHandle
GetLastError
ExpandEnvironmentStringsA
HeapAlloc
VirtualQuery
LeaveCriticalSection
ReadFile
GetComputerNameA
HeapFree
Sleep
CreateProcessA
GetTickCount
GetProcAddress
InitializeCriticalSection
CreateFileA
WriteFile
CreateMailslotA

ole32

OleLoad
CoAllowSetForegroundWindow
PropVariantClear
OleRegGetMiscStatus
OleCreateFromFile
CreateDataAdviseHolder
StgOpenStorage
CoSetProxyBlanket
CoFileTimeNow
CoMarshalInterThreadInterfaceInStream
CreateFileMoniker
OleGetAutoConvert
OleRegGetUserType
CreateItemMoniker
CoUnmarshalInterface
StgCreateDocfileOnILockBytes
MkParseDisplayName
CoFreeUnusedLibraries
CoInitializeEx
OleSaveToStream
FreePropVariantArray
StringFromGUID2
OleCreateFromData
CLSIDFromString
OleCreate
CoCreateInstance
CoUninitialize
OleSetContainedObject
CoInitialize
CoTaskMemFree
OleUninitialize

shlwapi

PathCommonPrefixW
PathCombineW
PathFindFileNameA
PathCreateFromUrlW
SHCreateStreamOnFileW
PathIsDirectoryA
StrCatBuffW
PathFindExtensionA
StrRetToBufW
PathQuoteSpacesW
StrCpyNW
PathSetDlgItemPathW
StrStrA
PathRenameExtensionW
StrChrW
PathIsPrefixW
PathAppendA
StrRetToStrW
PathIsRelativeW
PathParseIconLocationW
PathIsUNCServerShareW
StrFormatByteSizeW
PathCompactPathW
StrTrimW
PathFindNextComponentW
StrStrIA
StrCmpIW
SHDeleteKeyA
UrlUnescapeW
StrStrIW
StrCmpNIW

advapi32

MapGenericMask
RegisterEventSourceW
RegEnumKeyA
CreateServiceA
RegEnumValueA
DuplicateToken
GetAclInformation
RegisterServiceCtrlHandlerA
RegConnectRegistryW
RegNotifyChangeKeyValue
CreateServiceW
RegOpenKeyW
RegisterServiceCtrlHandlerW
RegRestoreKeyW
QueryServiceStatusEx
StartServiceW
RegSaveKeyW
RegQueryValueA
RegEnumKeyExW
RegSetValueExW
RegEnumKeyExA
RegQueryValueExA
ConvertSidToStringSidA
RegOpenKeyExA
LookupAccountNameA
RegCreateKeyExW
GetInheritanceSourceW
OpenProcessToken
RegSaveKeyExW

shell32

ExtractIconExW
ShellExecuteA
DragQueryFileW
CommandLineToArgvW
SHGetFolderLocation
DragFinish
DragAcceptFiles
DragQueryFileA
ShellExecuteExA
SHGetMalloc
SHFileOperationA

gdi32

SetAbortProc
SetBrushOrgEx
CreateFontIndirectA
CreateEllipticRgnIndirect
GetKerningPairsA
GetFontResourceInfoW
GetEnhMetaFileBits
DeleteObject
SetPaletteEntries
ResizePalette
GetBitmapBits
OffsetWindowOrgEx
GetTextFaceA
PolyPolygon
SetLayout
SetTextAlign
CreateBrushIndirect
CreatePalette
CreateDIBitmap
UnrealizeObject
FlattenPath
GetLayout
ExtTextOutW
GetTextCharset
EnumFontFamiliesExA
SetTextColor
CreateCompatibleDC
MoveToEx
GetStretchBltMode
SetSystemPaletteUse
SetViewportExtEx
DeleteEnhMetaFile
CreateMetaFileA
PolyBezierTo
AnimatePalette
EnumMetaFile
GetSystemPaletteEntries
CloseMetaFile
GetObjectType
Ellipse
CreateICA
GetCurrentObject
PtInRegion
GetDCOrgEx
PlayMetaFile
GetCharacterPlacementA
CreateFontW
SetBitmapBits
CreateHalftonePalette
SetWorldTransform
SetColorAdjustment
CreateEnhMetaFileA
GetOutlineTextMetricsA
SetPixel
StretchDIBits
GetTextCharacterExtra
GetTextAlign
TextOutW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71cbb4a2bf140876a587757a5721b135

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB