c7dc72e7c84a6a22939181f3729a263e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7dc72e7c84a6a22939181f3729a263e_JaffaCakes118
Size

108KB
MD5

c7dc72e7c84a6a22939181f3729a263e
SHA1

313dc908edbc8cef52c6009795e1c0c063ae64ae
SHA256

b5525546635d0ac2e3aa529d3d04d6336c234842b07b7bc79936966c60616b69
SHA512

b1db7b444c9ef87fb4c5225915309b2f05e007dc35c6829e238a543b89139eea01193e47e747b056db957729c18b6dc89b634e19721027279da8998f758ef48a
SSDEEP

3072:DkTUje+2EmuMPwrQcAHd8+Tniz1drcklRLx:u5RIM3z9ZTQL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7dc72e7c84a6a22939181f3729a263e_JaffaCakes118

Files

c7dc72e7c84a6a22939181f3729a263e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1a56fe39a4650f5273f0d448668a4697

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

PulseEvent
CreateToolhelp32Snapshot
GlobalDeleteAtom
CreateMutexW
WaitForMultipleObjects
EnumResourceLanguagesW
GetTempFileNameA
GetLogicalDriveStringsA
GlobalAddAtomA
GlobalReAlloc
ExitThread
SetConsoleScreenBufferSize
GetModuleFileNameW
ResetEvent
SetStdHandle
CreateEventW
LocalReAlloc
GetCompressedFileSizeW
GetShortPathNameA
GetShortPathNameW
CreateNamedPipeA
DeleteFileW
LockFile
VerifyVersionInfoA
EscapeCommFunction
FillConsoleOutputCharacterW
SetConsoleTextAttribute
LockResource
GetStringTypeExW
QueueUserAPC
OpenFile
WriteFileEx
ReadConsoleA
GetEnvironmentVariableA
SetVolumeLabelA
GetCurrentDirectoryA
GetVolumeInformationA
GlobalFindAtomA
DeleteTimerQueueTimer
GetStringTypeExA
lstrcmpW
GetTimeFormatA
LoadResource
SetSystemTime
GlobalGetAtomNameA
GetStartupInfoA
CreateTimerQueue
WriteProcessMemory
GetSystemTime
MoveFileW
PeekNamedPipe
GetStartupInfoW
SetComputerNameA
GetDiskFreeSpaceExW
CreateWaitableTimerA
GetConsoleCP
FreeLibraryAndExitThread
HeapValidate
WideCharToMultiByte
DisconnectNamedPipe
GlobalFlags
ReadConsoleInputW
IsBadCodePtr
CopyFileW
GetProcessVersion
GetComputerNameW
IsValidCodePage
HeapDestroy
GetUserDefaultLCID
GetFileAttributesA
HeapSize
GetProfileStringW
CreateConsoleScreenBuffer
GetCommandLineA
ExitProcess
GetSystemWindowsDirectoryA
IsBadStringPtrA
QueryPerformanceFrequency
GetNumberFormatA
FindCloseChangeNotification
GetVolumeInformationW
SetFilePointer
GetLogicalDrives
InterlockedExchangeAdd
GlobalGetAtomNameW
SetFileTime
ClearCommError
MapViewOfFileEx
FindResourceA
CreateDirectoryW
FindFirstChangeNotificationW
CreatePipe
TryEnterCriticalSection
QueueUserWorkItem
GetComputerNameExW
VirtualAlloc
GetCommandLineW
GetDateFormatA
WriteConsoleInputA
GetThreadContext
GetStringTypeW
lstrcmpiA
GetFullPathNameA
GetNumberFormatW
FindNextFileA
IsBadHugeWritePtr
VerLanguageNameW
GetSystemTimeAdjustment
SetLocalTime
CreateWaitableTimerW
PostQueuedCompletionStatus
GetEnvironmentVariableW
SetConsoleWindowInfo
RaiseException
GetFullPathNameW
GetLogicalDriveStringsW
CompareStringA
CreateFileW
GetTimeFormatW
RtlUnwind
HeapCreate
OpenSemaphoreA
VirtualFree
CallNamedPipeA
CreateRemoteThread
DeviceIoControl
SetProcessWorkingSetSize
GetVolumePathNamesForVolumeNameW
MoveFileExW
IsProcessorFeaturePresent
GetCurrentDirectoryW
GetUserDefaultLangID
CopyFileA
ExpandEnvironmentStringsA
InterlockedIncrement
HeapAlloc
WaitForSingleObject
GlobalAlloc
GetProcessHeap
InterlockedExchange
LoadLibraryA
GetTickCount
LocalFree
InterlockedDecrement
LeaveCriticalSection
CreateDirectoryA
GetModuleFileNameA
GetCurrentProcessId
CreateProcessA
GetComputerNameA
HeapFree
MoveFileA
WriteFile
ReadFile
MapViewOfFile
VirtualProtect
CreateFileA
GetSystemTimeAsFileTime
GetModuleHandleA
GetProcAddress
GetTapeParameters
UnmapViewOfFile

gdi32

CopyEnhMetaFileA
EnumFontFamiliesExW
GetTextMetricsW
Arc
EnumFontFamiliesA
TranslateCharsetInfo
Chord
GetTextFaceA
SetMagicColors
RoundRect
GetGlyphOutlineA
CreateEllipticRgnIndirect
GetRegionData
CreateBitmap
GetEnhMetaFileBits
SetPolyFillMode
GetTextExtentExPointW
CopyMetaFileW
PolyPolygon
CreateCompatibleDC
RemoveFontResourceA
SetColorAdjustment
SetTextAlign
SetPaletteEntries
GetWindowOrgEx
PathToRegion
DeleteEnhMetaFile
DPtoLP
GetCharABCWidthsA
CreateICA
Escape
GetBkColor
GetTextAlign
FillRgn
ArcTo
CreateDiscardableBitmap
OffsetViewportOrgEx
CreateFontW
CreateFontIndirectA
ScaleViewportExtEx
PlayMetaFileRecord
GetEnhMetaFileA
GetBitmapBits
EqualRgn
CreateDIBPatternBrushPt
CreateDIBitmap
SetBitmapDimensionEx
LineTo
GetTextCharset
CreateEnhMetaFileW
SetGraphicsMode
CreateDIBSection
GetDIBits
StretchDIBits
CreateMetaFileA
SetMapMode
Ellipse
EndDoc
UpdateColors

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a56fe39a4650f5273f0d448668a4697

Headers

File Characteristics

Imports

kernel32

gdi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB