eb576c1dbf2cb7b31d0c6c9973033002_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eb576c1dbf2cb7b31d0c6c9973033002_JaffaCakes118
Size

86KB
MD5

eb576c1dbf2cb7b31d0c6c9973033002
SHA1

5ed0f06d51d23f3c8ad6f74b2df30556cf4b8bf4
SHA256

eac26f9a7731baa8359cd527f8010149d44dd3fce3d11c09b0d66949afa893e2
SHA512

e4f8b2eccf07882f7c6bdba8e965fe8b98e6a60d389a03d3bc83f90a659a28573d89f2bfeb7f438580cca33d79a89ec783fdb8a537efcbff52f20eebf77aadbc
SSDEEP

1536:9k5NEEAe0LKH21x4VflwU6cwaxdrW/XXTwzMVtMdYn:a5NBMM2DmfmU6cwcdAXXwMb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb576c1dbf2cb7b31d0c6c9973033002_JaffaCakes118

Files

eb576c1dbf2cb7b31d0c6c9973033002_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

320e088ac1c8676d17073aabfe6a53ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

olepro32.pdb

Imports

user32

DrawIcon
GetSysColor
WinHelpW
IsWindow
EnableWindow
GetMessageA
GetMessageW
TranslateMessage
DispatchMessageW
DispatchMessageA
PostMessageW
PostQuitMessage
GetActiveWindow
SetActiveWindow
SetFocus
DestroyWindow
GetSystemMetrics
wsprintfA
GetTopWindow
IsWindowUnicode
GetClientRect
GetDialogBaseUnits
GetDC
ReleaseDC
GetKeyState
GetWindowLongW
CharNextA
GetWindowTextA
CharLowerA
GetParent
SendMessageW
GetFocus
GetDlgItem
GetIconInfo
DestroyIcon
SetWindowLongW
CreateIcon
CreateCursor
CopyIcon
CopyImage
RegisterClipboardFormatA
wsprintfW

gdi32

GetBitmapBits
SetDIBits
SetBitmapBits
EnumFontFamiliesExW
GetTextFaceW
CreateHalftonePalette
Escape
CreateDIBSection
CreateDIBitmap
SetStretchBltMode
SetBkColor
SetTextColor
GetCurrentObject
GetObjectType
GetStockObject
RealizePalette
StretchBlt
GetDIBits
StretchDIBits
SaveDC
IntersectClipRect
GetWindowOrgEx
OffsetViewportOrgEx
PlayEnhMetaFile
EnumMetaFile
RestoreDC
DeleteEnhMetaFile
DeleteMetaFile
PlayMetaFileRecord
SelectPalette
CreatePalette
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateCompatibleDC
CreateFontIndirectW
CreateFontIndirectA
GetDeviceCaps
DeleteObject
GetTextExtentPointA
GetTextMetricsW
SelectObject
GetPaletteEntries
PatBlt
CreateBitmap
SetMetaFileBitsEx
GetBitmapDimensionEx
GetObjectW
GetEnhMetaFileHeader
GetWinMetaFileBits
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
SetEnhMetaFileBits
DeleteDC
BitBlt
CreateCompatibleBitmap

kernel32

MultiByteToWideChar
IsDBCSLeadByte
FreeLibrary
MulDiv
LockResource
LoadResource
FindResourceW
InterlockedIncrement
InterlockedDecrement
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GlobalDeleteAtom
GlobalAddAtomW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
GetVersion
GetSystemDirectoryA
GetLastError
LoadLibraryA

advapi32

RegOpenKeyA
RegOpenKeyW
RegCreateKeyA
RegSetValueA
RegQueryValueW
RegFlushKey
RegCloseKey

msvcrt

free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
?terminate@@YAXXZ
wcslen
wcscpy
wcsrchr
??3@YAXPAX@Z
wcsncat
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
wcsncpy
calloc
_wcslwr
wcscmp
_wcsicmp
_ftol
_CIfmod
_except_handler3

ole32

StgCreateDocfile
StringFromGUID2
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CoCreateInstance
CoGetMalloc

oleaut32

LoadTypeLi
VariantInit
VariantClear
SysFreeString
SysAllocString
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleTranslateColor

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.texc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

320e088ac1c8676d17073aabfe6a53ff

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

advapi32

msvcrt

ole32

oleaut32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 13KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 4KB

.texc Size: 2KB - Virtual size: 4KB

.data2 Size: 1024B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 13KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 4KB

.texc
Size: 2KB - Virtual size: 4KB

.data2
Size: 1024B - Virtual size: 4KB