c8205c7edb79709dcb77038e4af160f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c8205c7edb79709dcb77038e4af160f2_JaffaCakes118
Size

502KB
MD5

c8205c7edb79709dcb77038e4af160f2
SHA1

c3c935956c0aefc7899e51696829ebbbf5596be6
SHA256

515b3103786959194f8dfdcb9abf2c93b84d0977f04b61a084eb73f12d64657c
SHA512

ffb30430b27f96332321475b2a4b11d87318ad4ea672ab6854b3194f9aee2a6bb9d0aee7e3cdc54bc3b8c6c2d842193a67bd5c4b900eabc75afd2e02d052fc27
SSDEEP

6144:jhlE9IW+WQyKL8ze3iWVGxt5Qr8euxvzj0dmKcAnNkwlMac85yDhJK1wkS5Dqy:FHmP2ZVmQrnuSpcAnNnMIy/1D3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8205c7edb79709dcb77038e4af160f2_JaffaCakes118

Files

c8205c7edb79709dcb77038e4af160f2_JaffaCakes118
.dll windows:6 windows x86 arch:x86

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

jsprofilerui.pdb

Imports

kernel32

CloseHandle
WriteFile
CreateFileW
WideCharToMultiByte
DeleteFileW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
GetCommandLineA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTempFileNameW
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
Sleep
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
InterlockedIncrement
GetEnvironmentVariableA
GetCurrentThreadId
GetCurrentProcess
GetLastError
LeaveCriticalSection
LoadLibraryW
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
InterlockedCompareExchange
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
FlushInstructionCache
FindResourceExW
LockResource
GlobalAlloc
GlobalLock
GlobalFree
SetLastError
GlobalUnlock
GetNumberFormatW
GetLocaleInfoW
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
RaiseException
InterlockedExchange
GetVersionExW
TerminateProcess
GetModuleFileNameW

user32

DestroyMenu
PostMessageW
GetKeyState
DrawTextW
GetDlgItem
GetSysColor
GetWindowLongA
DrawEdge
GetMessagePos
SetScrollInfo
GetScrollPos
SetScrollPos
UnregisterClassA
TrackPopupMenuEx
GetMenuItemCount
DeleteMenu
CheckMenuRadioItem
CreatePopupMenu
AppendMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
PtInRect
ReleaseCapture
GetCapture
SystemParametersInfoW
GetDlgCtrlID
SetCapture
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ClientToScreen
RegisterClassExW
GetSystemMetrics
InflateRect
SetRect
GetCursorPos
SetWindowTextW
GetFocus
DrawFocusRect
LoadCursorW
GetClassInfoExW
AdjustWindowRectEx
IsWindowEnabled
ScreenToClient
SetWindowPos
GetMenu
CreateWindowExW
GetWindowLongW
CallWindowProcW
DefWindowProcW
GetDC
FillRect
ReleaseDC
LoadAcceleratorsW
DestroyAcceleratorTable
SetFocus
EnableWindow
IsWindowVisible
TranslateAcceleratorW
CreateDialogParamW
IsWindow
SetWindowLongW
ShowWindow
GetClientRect
GetParent
MoveWindow
DestroyWindow
GetSysColorBrush
GetWindowRect
SendMessageW
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
MessageBoxW
LoadStringW
CharNextW
LoadImageW
SetDlgItemTextW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysAllocStringLen
VarR8FromStr
SysAllocString
VarUI4FromStr
VariantChangeType
SysFreeString
VariantClear
VariantCopy
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW

gdi32

GetStockObject
DeleteObject
DeleteDC
SetBkColor
GetTextExtentExPointW
SetTextAlign
ExtTextOutW
SetBkMode
SetTextColor
SetLayout
BitBlt
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetObjectW
GetDeviceCaps
GetTextExtentPointW

shlwapi

ord437
ord219

urlmon

ord423

iertutil

ord70
ord65
ord64
ord68
ord61
ord650

Exports

Exports

CreateProfileTab

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 273KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

shlwapi

urlmon

iertutil

Exports

Exports

Sections

.text Size: 185KB - Virtual size: 185KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 9KB - Virtual size: 8KB

.text Size: 273KB - Virtual size: 276KB

.text
Size: 185KB - Virtual size: 185KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 273KB - Virtual size: 276KB