ded6fddd09970e769d21a8215e11cd01_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ded6fddd09970e769d21a8215e11cd01_JaffaCakes118
Size

104KB
MD5

ded6fddd09970e769d21a8215e11cd01
SHA1

cf4f9b9ea2954aaa7cfc99ddd9ca5dd47c54eb5e
SHA256

916e7d3e7f38f1500d293dcaaf4d14764e97b457960e2555bcc7d9eb9be88798
SHA512

528d75df64e7d05dbfaa1d3ff7fe8a514a8134d5107e92eb2b093937c4f6cd7d8ed5e75add53d6de17d88bcc846c2c46223bd858330166e94798791270f4ab17
SSDEEP

1536:KYxc5Pq3JOj2OIkzTeA5CRP3EVm7hyHOHpVtve7EXdVuuA7Hn:KCc59j2c/k3R1Dt27suuA7H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded6fddd09970e769d21a8215e11cd01_JaffaCakes118

Files

ded6fddd09970e769d21a8215e11cd01_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

841eff656ad2d4626a34f33d32f1e38f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadBitmapW
SendMessageW
wsprintfW
CallWindowProcW
PostMessageW
IsWindow
DestroyWindow
DefWindowProcW
SetWindowLongW
DispatchMessageW
SetFocus
GetFocus
ShowWindow
GetParent
TranslateMessage
CharNextW
GetClassInfoExW
RegisterClassExW
LoadCursorW
CreateWindowExW
GetWindowTextW
FindWindowW
GetClientRect
MoveWindow
GetWindowLongW
GetDlgCtrlID

gdi32

GetStockObject

shlwapi

SHAutoComplete
SHDeleteKeyW

shell32

ShellExecuteW

wininet

InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW

kernel32

GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
CreateFileW
FlushFileBuffers
ReadFile
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetStdHandle
SetEndOfFile
GetCPInfo
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
WriteFile
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStrings
DisableThreadLibraryCalls
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
HeapDestroy
lstrlenW
GetShortPathNameW
GetModuleHandleW
FreeLibrary
GetProcAddress
SetLastError
GetLastError
LoadLibraryW
GetModuleHandleA
GetFileAttributesW
GetVersion
OutputDebugStringA
lstrcpyW
lstrcatW
MultiByteToWideChar
GetSystemDirectoryW
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
LoadLibraryA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentStringsW
HeapSize
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapReAlloc
TerminateProcess
CloseHandle
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
lstrlenA
WideCharToMultiByte
LocalFree
RtlUnwind
GetCommandLineA
RaiseException
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
ExitProcess
GetModuleFileNameA

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW

ole32

CoCreateInstance

oleaut32

SysAllocStringByteLen
VariantInit
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

841eff656ad2d4626a34f33d32f1e38f

Headers

File Characteristics

Imports

user32

gdi32

shlwapi

shell32

wininet

kernel32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 5KB