ce8bc91ff078092637dee216ab7a4246_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ce8bc91ff078092637dee216ab7a4246_JaffaCakes118
Size

28KB
MD5

ce8bc91ff078092637dee216ab7a4246
SHA1

c6e6d7cc0eb284a5fe47dfec7962c6a2de5c52bf
SHA256

324ba4d5ae2dcef56528ec74212ff66df4c33d6f3e689b0b9444e1149da4017a
SHA512

6a5e96c5306cedea508d4e879d9ce40b226c25390a409324ba9d29fadac1dde4e00a88859d45fb4a2346100f0e499f02c346b05621d86cd0c543542031a573eb
SSDEEP

768:PU4VXeBXWB1YfgMWes87Sbt74QQIPITU+tO5w5VL1bJM:VteABuayXTm5o5vM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce8bc91ff078092637dee216ab7a4246_JaffaCakes118

Files

ce8bc91ff078092637dee216ab7a4246_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0edc8656e8b1aa09fb23222281988770

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenUrlA
InternetOpenA
InternetConnectA
InternetCanonicalizeUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA

shlwapi

UrlCompareA
StrToIntA
StrCmpNIA
StrRChrA
StrStrIA
StrStrW

kernel32

GetVersionExA
GetACP
MultiByteToWideChar
DisableThreadLibraryCalls
TlsAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
CreateMutexA
InterlockedIncrement
CloseHandle
InterlockedDecrement
TlsSetValue
TlsGetValue
CreateProcessA
DeleteFileA
GetTempFileNameA
lstrcatA
GetWindowsDirectoryA
GetLastError
CreateDirectoryA
GetFileAttributesA
GetTempPathA
lstrcpyW
lstrcmpW
ReleaseMutex
SetEvent
WaitForSingleObject
MapViewOfFile
OpenFileMappingA
OpenEventA
OpenMutexA
UnmapViewOfFile
TerminateThread
QueueUserAPC
CreateThread
SleepEx
DuplicateHandle
GetCurrentProcess
GetCurrentThread
CreateFileA
WaitForMultipleObjectsEx
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
OpenSemaphoreA
SetWaitableTimer
CreateEventA
CreateWaitableTimerA
GetModuleFileNameA
WaitForMultipleObjects
CreateFileMappingA
lstrcmpiA
WideCharToMultiByte
lstrcpyA
Sleep
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
lstrlenA
LocalFree
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
WriteFile
LoadResource
FindResourceExA
FreeLibrary
GetShortPathNameA
LoadLibraryA

user32

UnhookWindowsHookEx
SetWindowsHookExA
wvsprintfA
DefWindowProcA
GetWindowLongA
RegisterClassExA
CallNextHookEx
SetWindowLongA
CreateWindowExA
DispatchMessageA
CloseWindow
SetForegroundWindow
MsgWaitForMultipleObjects
TranslateMessage
GetPropA
SetPropA
PeekMessageA
MsgWaitForMultipleObjectsEx

advapi32

SetSecurityInfo
RegCloseKey
RegQueryValueA
RegNotifyChangeKeyValue
RegQueryValueExA
RegCreateKeyA
RegFlushKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CLSIDFromString

oleaut32

SysAllocString
VariantClear
SysStringByteLen
VariantInit
SysStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
OnShutdown
OnStartup
Run
Setup

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0edc8656e8b1aa09fb23222281988770

Headers

DLL Characteristics

File Characteristics

Imports

wininet

shlwapi

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 504B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 504B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB