e0c18562cd6d473ed1e8ef454143a80d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0c18562cd6d473ed1e8ef454143a80d_JaffaCakes118
Size

76KB
MD5

e0c18562cd6d473ed1e8ef454143a80d
SHA1

0e69d6434d584c60318f284f335d2cb916e12ecf
SHA256

bf172961a2328100687391ca751c293e32d43177b1c218a6f523faf00509dd7b
SHA512

be059f7f90ebfa523e0a064b4570bfad56aff5302b4d2c9a3767157aad540ec099a2cd6e1685cdbb99220805bdb87075584929711ff35aae81a606396481d4d6
SSDEEP

1536:2z6XDVrOtLjJ335Q+rlbMZoPPHivK3zvO6xTefvG5qhsZ4PC/:nktR3JJMZ6CvyvO66gqeZ4P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0c18562cd6d473ed1e8ef454143a80d_JaffaCakes118

Files

e0c18562cd6d473ed1e8ef454143a80d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b3dfc1b8cecddb3fd72d97d892d18ec4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapWalk
GetEnvironmentStrings
IsValidLocale
GetLocaleInfoA
RemoveDirectoryW
FormatMessageW
GetStdHandle
CreateToolhelp32Snapshot
QueueUserAPC
GetSystemDirectoryW
FindFirstFileA
IsBadHugeReadPtr
IsBadStringPtrA
CreateTimerQueue
lstrcpynA
QueryPerformanceFrequency
OpenEventW
GlobalDeleteAtom
LCMapStringW
IsBadReadPtr
GetSystemWow64DirectoryW
WaitForMultipleObjects
UnregisterWaitEx
EnumUILanguagesW
SizeofResource
EscapeCommFunction
GetFileAttributesA
GetDiskFreeSpaceExW
GlobalAddAtomW
GetStartupInfoA
GetVolumeInformationA
GetAtomNameA
FlushConsoleInputBuffer
lstrcmpiW
OpenFile
OpenMutexA
GlobalHandle
CompareStringW
FindFirstChangeNotificationW
SetNamedPipeHandleState
LockResource
FileTimeToLocalFileTime
SetHandleCount
SetVolumeLabelW
MapViewOfFile
ExitProcess
GetExitCodeProcess
SetStdHandle
SetVolumeMountPointW
SetProcessShutdownParameters
OpenSemaphoreW
FileTimeToDosDateTime
FindVolumeMountPointClose
ReadFileEx
GetThreadContext
SearchPathA
GetCurrentThread
lstrcmpW
GetThreadPriority
InterlockedIncrement
LocalFree
LocalLock
GetBinaryTypeA
SetEndOfFile
CreateEventA
GetTempFileNameW
SetFileApisToOEM
ProcessIdToSessionId
FindFirstChangeNotificationA
CreateMutexW
CompareFileTime
ReadProcessMemory
GetStringTypeW
IsProcessorFeaturePresent
GlobalFindAtomW
GetDriveTypeA
OpenSemaphoreA
GetThreadTimes
WaitForSingleObjectEx
VirtualQueryEx
GetLongPathNameW
ReadConsoleW
GetComputerNameW
SetCurrentDirectoryW
GetProfileStringA
GetFileSizeEx
HeapDestroy
GetEnvironmentStringsW
VerLanguageNameW
GetProcessVersion
GetCurrentDirectoryA
HeapSize
GetSystemPowerStatus
GetLargestConsoleWindowSize
SetLastError
SetEnvironmentVariableA
GetTempPathA
GetVersionExA
GetSystemWindowsDirectoryA
CancelWaitableTimer
SetConsoleWindowInfo
FileTimeToSystemTime
ExpandEnvironmentStringsA
LockFile
LocalAlloc
GetModuleHandleExW
SetConsoleTextAttribute
GetCurrentThreadId
UnregisterWait
GlobalReAlloc
GetTickCount
FindFirstFileExW
GlobalFlags
SetEnvironmentVariableW
GetLogicalDriveStringsA
SetFilePointer
GetProcessAffinityMask
FindNextVolumeW
HeapCompact
GetTimeFormatA
ExpandEnvironmentStringsW
GetVolumePathNameW
SetFileAttributesA
SetConsoleScreenBufferSize
SetLocalTime
GlobalAlloc
RegisterWaitForSingleObjectEx
FreeLibraryAndExitThread
VirtualAlloc
FindNextChangeNotification
LeaveCriticalSection
CloseHandle
CreateMutexA
GetComputerNameA
VirtualProtect
GetProcessHeap
HeapValidate
CreateProcessA
HeapFree
EnterCriticalSection
GetModuleHandleA
GetSystemTimeAsFileTime
GetProcAddress
VirtualQuery
WaitForSingleObject
HeapAlloc
GetModuleFileNameA
InitializeCriticalSection
lstrlenA
lstrlenW
UnmapViewOfFile
lstrcatW
LoadLibraryA
CreateRemoteThread

ole32

StringFromGUID2
CoReleaseMarshalData
OleLoadFromStream
OleQueryLinkFromData
RevokeDragDrop
OleDuplicateData
OleRun
CoCreateInstance
StgOpenStorageEx
StringFromIID
CoGetInterfaceAndReleaseStream
OleRegGetUserType
GetHGlobalFromStream
OleLockRunning
OleIsRunning
OleGetAutoConvert
OleSetMenuDescriptor
CreateFileMoniker
CoCreateFreeThreadedMarshaler
OleSave
CoQueryProxyBlanket
CoUnmarshalInterface
OleCreate
OleCreateFromData
CoLockObjectExternal
CoGetMarshalSizeMax
StgIsStorageILockBytes
MkParseDisplayName
StgIsStorageFile
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoGetClassObject

shlwapi

SHGetValueA
StrCatW
StrCmpW
StrCatBuffW
StrChrW
PathQuoteSpacesW
PathCommonPrefixW
PathCompactPathExW
PathRenameExtensionW
PathSkipRootW
PathIsFileSpecW
PathGetArgsW
PathCreateFromUrlW
SHDeleteKeyW
PathRemoveBlanksW
StrCmpNW
StrStrA
SHCreateStreamOnFileW
StrToIntW
PathFindNextComponentW
PathStripToRootW
PathGetCharTypeA
PathIsUNCW
PathFindExtensionW
StrStrIA

advapi32

StartServiceA
RegOpenKeyExA
GetUserNameA
RegDeleteValueA
RegSetValueExA
CloseEventLog
GetServiceDisplayNameW
GetAclInformation
CreateServiceA
ReadEventLogA
QueryServiceStatus
RegisterEventSourceA
RegDeleteKeyA
RegSaveKeyW
RegEnumKeyA
MakeAbsoluteSD
RegCreateKeyW
QueryServiceConfig2W
RegOpenCurrentUser
ImpersonateLoggedOnUser
RegNotifyChangeKeyValue
NotifyBootConfigStatus
StartServiceCtrlDispatcherA
RegLoadKeyW
ImpersonateSelf
RegDeleteKeyW
RegisterServiceCtrlHandlerW
NotifyChangeEventLog
RegSetValueA
RegLoadKeyA
GetEffectiveRightsFromAclW
RegQueryValueExA
DuplicateTokenEx
ChangeServiceConfigA
DuplicateToken
RegCreateKeyExA
StartServiceW
RegConnectRegistryA
ImpersonateNamedPipeClient
RegSaveKeyA
CreateProcessAsUserA
RegDeleteValueW
RegisterServiceCtrlHandlerExW
RegisterServiceCtrlHandlerExA
GetTokenInformation

gdi32

GetEnhMetaFileHeader
ExtEscape
GetWorldTransform
SetBrushOrgEx
CreateHatchBrush
ExtTextOutW
DeleteMetaFile
EqualRgn
PolyBezier
StartPage
GetCharABCWidthsW
PaintRgn
ResetDCA
DeleteObject
AddFontResourceW
SetBitmapDimensionEx
GetMetaFileBitsEx
ScaleViewportExtEx
ArcTo
GetWinMetaFileBits
EndPath
GetPixelFormat
GetBrushOrgEx
GetTextCharset
MoveToEx
SetTextColor
CreatePen
GetFontResourceInfoW
SetMetaFileBitsEx
PlayEnhMetaFile
SetDIBits
ExtFloodFill
PolylineTo
CreateFontIndirectA
SetWindowOrgEx
EndDoc
GetBitmapDimensionEx
TranslateCharsetInfo
EnumFontFamiliesW
PlayEnhMetaFileRecord
CreateDIBPatternBrushPt
LPtoDP
GetDIBits
GetTextFaceW
OffsetViewportOrgEx
GetRegionData
GetObjectA
SetBkColor
UpdateColors
GetGraphicsMode
GetCurrentObject
SetMetaRgn
CreateFontW
GetPath
GetObjectType
Polyline
GetSystemPaletteEntries
GetCharWidthA
DPtoLP
CreatePatternBrush
CreateBitmap
EnumFontFamiliesA
CreateDIBitmap
GetTextCharsetInfo
SetTextJustification
DeleteEnhMetaFile
GetTextColor
GetLayout
LineTo
ExtTextOutA
StartDocA
GetStretchBltMode
SetTextAlign
AbortPath
GetRgnBox
CreateBitmapIndirect
EnumEnhMetaFile

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3dfc1b8cecddb3fd72d97d892d18ec4

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 980B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 980B

.reloc
Size: 4KB - Virtual size: 2KB