f0d38391132a84e963f9714ce855d507_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0d38391132a84e963f9714ce855d507_JaffaCakes118
Size

156KB
MD5

f0d38391132a84e963f9714ce855d507
SHA1

2e927f8fee08bcecc12fc1573f8bda28b5e6b296
SHA256

67c9de00394aab8202bb4da89ffa3e0509828ca4026cf775dd08dc2f208cb42a
SHA512

d395f11a99c321fdfcc033e1fd4d234a1a3a15470046f524c5032c912cb11be46a2cbc8bf4f45e97ed4ba0973837c61bad1bd0e625a335dfa89fa0a1e18a7017
SSDEEP

3072:5LSCCjUyT3M9QN5fOlSVgnGg0n6EminEyy0AsUlyzO+DqmEoVAg69/k:gCC4QN5fOlSFgAminEynA0PDqmEv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0d38391132a84e963f9714ce855d507_JaffaCakes118

Files

f0d38391132a84e963f9714ce855d507_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0d80e9da17d2eece6c0674a3f643fcca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
LoadLibraryA
GetProcAddress
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
LoadLibraryW
GetVersionExW
GetLastError
OpenFileMappingW
GetTickCount
CreateFileMappingW
CloseHandle
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
MapViewOfFile
lstrlenW
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetACP
InterlockedExchange
GetLocaleInfoA

user32

UnregisterClassA
CharNextW
LoadStringW

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID
StringFromGUID2
CoCreateInstance

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
VarUI4FromStr
SysAllocString
VariantClear
SysFreeString

msvcr80

free
_CxxThrowException
memmove_s
wcsncpy_s
memset
_wsplitpath_s
wcscpy_s
wcscat_s
iswspace
wcslen
??_V@YAXPAX@Z
__CxxFrameHandler3
_purecall
_recalloc
??_U@YAPAXI@Z
??2@YAPAXI@Z
memcmp
wcstombs_s
sprintf_s
strlen
vswprintf_s
mbstowcs_s
_except_handler4_common
?terminate@@YAXXZ
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
memcpy_s
??3@YAXPAX@Z
malloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d80e9da17d2eece6c0674a3f643fcca

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcr80

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 4KB - Virtual size: 2KB