db1f6477e6d6ce79f29e29d6aa789a7e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

db1f6477e6d6ce79f29e29d6aa789a7e_JaffaCakes118
Size

176KB
MD5

db1f6477e6d6ce79f29e29d6aa789a7e
SHA1

674cf634eee923c4123e070f0eac7214ab7f9f85
SHA256

a91dce9a7f4ad88f483c7d40c8162be8ca9e1db680cd0eedcc0fc46400836be4
SHA512

76326e6e7445686546b10af6943b1cf2284024d397a7f90fef6ad516c155772995477391e0d62877a1558a55c9a0549c630367831a8679b1703a51cc9f240ebd
SSDEEP

3072:qabrbEe+uaE2slPfFiSNmPqHl5ftkEIMYbwtEDmyuJJXBNJ5tkES3qMZ:7brbEFifJNm8l5KKYb8wmyuXBx6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db1f6477e6d6ce79f29e29d6aa789a7e_JaffaCakes118

Files

db1f6477e6d6ce79f29e29d6aa789a7e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

e4d822aedb3691a182a4b44143c0bfa7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

rpcrt4

UuidToStringA

winmm

timeGetTime

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
free
malloc
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
strtol
atoi
tmpnam
fopen
fwrite
fclose
srand
isxdigit
strerror
ispunct
islower
isgraph
__mb_cur_max
wctomb
strtok
toupper
strchr
isalnum
printf
isalpha
tolower
isupper
wcscmp
??1exception@@UAE@XZ
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
_CxxThrowException
wcslen
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
strncpy
isspace

wininet

InternetSetOptionA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateGuid
CoCreateInstance

user32

KillTimer
DefWindowProcA
SetTimer
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
SystemParametersInfoA
SetWindowPos
wsprintfA
OpenClipboard
CloseClipboard
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow

netapi32

Netbios

advapi32

SetSecurityInfo
GetSecurityInfo
RegCloseKey
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetEntriesInAclA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

Sleep
GetLocalTime
GetTickCount
HeapFree
QueryPerformanceFrequency
GetVersion
HeapSize
HeapAlloc
lstrlenA
GetLastError
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
QueryPerformanceCounter
FormatMessageA
lstrcmpiA
SetLastError
GetFullPathNameA
lstrcmpA
CloseHandle
CreateFileA
GetThreadTimes
GetCurrentThread
OpenProcess
GetCurrentProcessId
SleepEx
lstrcpynA
GetModuleFileNameA
MultiByteToWideChar
GetSystemDirectoryA
GetSystemInfo
GetModuleHandleA
GetProcessTimes
GetCurrentProcess
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetCurrentDirectoryA
CreateRemoteThread
GetWindowsDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetVersionExA
WriteProcessMemory
VirtualAllocEx
GetProcessHeap

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4d822aedb3691a182a4b44143c0bfa7

Headers

File Characteristics

Imports

shlwapi

rpcrt4

winmm

msvcrt

wininet

oleaut32

psapi

ole32

user32

netapi32

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 12KB - Virtual size: 8KB