cee24f1695e88229619170198042bedd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cee24f1695e88229619170198042bedd_JaffaCakes118
Size

136KB
MD5

cee24f1695e88229619170198042bedd
SHA1

d3ffec31f434c3d43c29762c9d3d43c5191bb47a
SHA256

35216f224f379407ad5e40aea1b4dcceb332f360811bd038bcbce7744bc36c1f
SHA512

322b67d58f08918fe0d180f014673526d75c8db52fffc914812998aa04ed2908ada61063e4d0ea68e6558b2dbc1f3fb7390bc8d4b1ffd6218717fd923bd86355
SSDEEP

3072:FkUQHmtGkaVmwnqpCsMdjVRkkAIyJRgayMVNex:FwHmIBdqpCs8TkkzCgyVYx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cee24f1695e88229619170198042bedd_JaffaCakes118

Files

cee24f1695e88229619170198042bedd_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

c7dd34c395aa40b913fab6b5b8bab9b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

wininet

InternetSetOptionA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenUrlA
InternetOpenA

user32

CloseClipboard
wsprintfA
SystemParametersInfoA
SetWindowPos
KillTimer
SetTimer
DefWindowProcA
DispatchMessageA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
OpenClipboard
GetClassNameA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

isalnum
islower
free
fclose
fwrite
fopen
tmpnam
atoi
strtol
strerror
isalpha
tolower
isupper
?what@exception@@UBEPBDXZ
wcslen
wcscmp
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strstr
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
ispunct
isxdigit
malloc
__mb_cur_max
wctomb
isspace
strncpy
strchr
??2@YAPAXI@Z
strtok
??3@YAXPAX@Z
__CxxFrameHandler
printf
toupper
_stricmp
isgraph

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

oleaut32

GetErrorInfo
SysFreeString
SysAllocString
VariantClear

winmm

timeGetTime

ole32

CoCreateInstance
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CoInitialize

rpcrt4

UuidToStringA

netapi32

Netbios

kernel32

QueryPerformanceFrequency
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcessId
InterlockedExchange
lstrcpynA
GetEnvironmentVariableA
lstrcpyA
lstrcmpA
lstrcmpiA
GetCurrentProcess
GetProcessTimes
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemDirectoryA
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
GetModuleHandleA
MultiByteToWideChar
GetCurrentThread
GetThreadTimes
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
SleepEx
OpenProcess
GetTickCount
GetWindowsDirectoryA
CloseHandle
CreateFileA
HeapFree
GetVersion
GetLastError
SetLastError
lstrlenA
GetFullPathNameA
HeapSize
HeapAlloc
GetProcessHeap
QueryPerformanceCounter
GetLocalTime
Sleep
GetCurrentDirectoryA
LocalFree
FormatMessageA
GetVersionExA
GetSystemInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7dd34c395aa40b913fab6b5b8bab9b5

Headers

File Characteristics

Imports

advapi32

shlwapi

wininet

user32

version

msvcrt

psapi

oleaut32

winmm

ole32

rpcrt4

netapi32

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB