d3a3b18c7f914885528659482d733bea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3a3b18c7f914885528659482d733bea_JaffaCakes118
Size

136KB
MD5

d3a3b18c7f914885528659482d733bea
SHA1

22953048c3365569416153d8cc0a6f2d4692b8b8
SHA256

92f9f534a412feeaea20d655e80d42f638ff48e99e7543ddf555ecc38da7b3cd
SHA512

aa24d9c1dd237661e1cf5887f8ad551bdbc874846e13e0955ca5999704215a0ff5e95efd1a4289a75cca41de6c3e24010f81e4e2f849aa7b631c9ec205181bde
SSDEEP

1536:77LHfPtXGATVzal+zQT3Cnn46RSFQN9tJylstHF+rPQaW/IEIUlb4vToqRhUtVGF:7xGwE6niqNTJyk2ytIUB4oqRiLGE6th

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3a3b18c7f914885528659482d733bea_JaffaCakes118

Files

d3a3b18c7f914885528659482d733bea_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

b8c4c3ae94a3c0fa020c6b844075fd32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
GlobalFlags
GetLastError
SetLastError
GetVersion
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalFree
TlsAlloc
LocalAlloc
CloseHandle
GetModuleFileNameA
GlobalAlloc
WideCharToMultiByte
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LocalFree
GlobalLock
GlobalUnlock
MultiByteToWideChar
lstrlenA
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GetVersionExA

user32

LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
ShowWindow
SetWindowPos
SetWindowLongA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
wsprintfA
SetFocus
MapWindowPoints
SetWindowTextA
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
GetMenuItemCount
GetSubMenu
GetMenuItemID
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetWindowTextA
PostQuitMessage
PostMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetSysColor
GetWindowLongA
MessageBoxA
SendMessageA
SetCursor
EnableWindow
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetWindow
GetMessagePos
GetDlgItem

gdi32

SetWindowExtEx
ScaleWindowExtEx
GetClipBox
OffsetViewportOrgEx
ScaleViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SetViewportExtEx
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

oleaut32

SysAllocStringByteLen
SysAllocString
SysStringLen
LoadRegTypeLi
SysFreeString
VariantCopy
VariantChangeType
VariantClear

atl

ord31
ord23
ord16
ord21
ord15
ord18
ord57
ord32
ord58
ord30

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8c4c3ae94a3c0fa020c6b844075fd32

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

oleaut32

atl

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 16KB - Virtual size: 12KB