f516154594a4d6f78066427e36c9bfae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f516154594a4d6f78066427e36c9bfae_JaffaCakes118
Size

2.4MB
MD5

f516154594a4d6f78066427e36c9bfae
SHA1

da6b13f32003ec54445b1c7a9009e49da8f041d0
SHA256

df05da0847a07595fe6c3f98ac5ced072b406647a4909c33036f852708ea1908
SHA512

a510b272277ea65299534888f6edfebd616fb1f764e9ec3f3150a84bad4ea6636623e65766bd86bd0c9f47eb095f655455f457c0c64493c29d8356d6ee3fabb3
SSDEEP

49152:c/7+zdddmb8r9DeOcitcVZ3RWq8YidFUvcULCGiO2xQm1sWMSziRLj3wl+:c/71IDCVZv8YqFCcTGabZMoELjAl+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f516154594a4d6f78066427e36c9bfae_JaffaCakes118

Files

f516154594a4d6f78066427e36c9bfae_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cb7eaab1f19a8d9391c3d5b321179c90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
FindNextVolumeMountPointW
FreeLibraryAndExitThread
GetCommState
UnlockFileEx
GetAtomNameW
DeleteFileW
SetEnvironmentVariableW
FileTimeToDosDateTime
SetStdHandle
GetFullPathNameW
CreateFileMappingA
LocalUnlock
LocalHandle
GetStringTypeExW
GetComputerNameExW
GetTickCount
FreeEnvironmentStringsW
IsBadCodePtr
GetSystemPowerStatus
FreeResource
AssignProcessToJobObject
MapViewOfFileEx
CopyFileA
CancelIo
CreateDirectoryA
GetSystemInfo
GetCommModemStatus
lstrcmpW
ExpandEnvironmentStringsA
VerLanguageNameW
SetCommBreak
ClearCommError
SetLocalTime
GetProfileIntA
GetVersionExW
HeapLock
GetExitCodeProcess
GetVolumeInformationW
SetWaitableTimer
FindAtomW
DeleteTimerQueueEx
SizeofResource
HeapAlloc
MapViewOfFile
SetupComm
IsValidCodePage
GetFileSize
RtlMoveMemory
GetProcAddress
GetDiskFreeSpaceW
LoadLibraryA

ole32

StringFromIID
CoUnmarshalInterface
FreePropVariantArray
OleQueryLinkFromData
CoReleaseMarshalData
OleCreateStaticFromData
CreateOleAdviseHolder
OleRun
CreateGenericComposite
OleIsRunning
CreatePointerMoniker
CoRevertToSelf
CoMarshalInterface
StgCreateDocfile
CoWaitForMultipleHandles

user32

CheckRadioButton
ScrollDC
LoadStringW
DrawStateA
RegisterWindowMessageW
SetWindowLongW
SendMessageTimeoutW
GetTabbedTextExtentA
ScrollWindowEx
GetSysColorBrush
ExitWindowsEx
TrackMouseEvent
GrayStringW
DrawTextExW
DrawFocusRect
PeekMessageW
ModifyMenuW
UnhookWindowsHookEx
EndDialog
GetGUIThreadInfo
SetProcessWindowStation
CharUpperW
AdjustWindowRect
MoveWindow
SetMenuItemBitmaps
GetPropW
DialogBoxIndirectParamA
GetUpdateRect
GetMenu
CharPrevA
FindWindowW
OemToCharBuffA
GetClassNameA
CopyIcon
IsWindow
AttachThreadInput
ShowWindow
GetClassInfoA
GetWindowContextHelpId
CopyImage
ShowWindowAsync
CharToOemW
GetParent
UpdateLayeredWindow
DefFrameProcW
DefWindowProcW
CallWindowProcA
CharToOemA
GetUserObjectInformationW
GetActiveWindow

oleaut32

SysFreeString

shlwapi

PathIsRelativeW
StrCmpNW
StrCmpNIA
StrCpyNW
PathGetCharTypeA
PathAddExtensionW
PathAppendA
SHAutoComplete
UrlCreateFromPathW
PathAppendW

advapi32

GetNumberOfEventLogRecords
RegSaveKeyExW
RegLoadKeyA
RegLoadKeyW
RegOpenKeyExW
RegCloseKey
GetUserNameW
OpenProcessToken
QueryServiceConfig2W
RegSaveKeyW
RegQueryValueW
CredIsMarshaledCredentialW

shell32

SHGetFolderPathA
DragAcceptFiles
SHGetSpecialFolderPathA
SHGetFolderPathW
ShellAboutA
ExtractIconA

gdi32

OffsetViewportOrgEx
SetPixel
FillPath
RealizePalette
GetTextFaceA
SetBkMode
CreateDCA
GetViewportOrgEx
GetCharWidthA
GetTextCharset
StretchBlt
GetLayout
CreateDCW
GetStretchBltMode
SetMagicColors
CloseMetaFile
Escape
SetTextAlign
PathToRegion
CreateDiscardableBitmap

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 688KB - Virtual size: 686KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb7eaab1f19a8d9391c3d5b321179c90

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 688KB - Virtual size: 686KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 60KB - Virtual size: 58KB

.text
Size: 688KB - Virtual size: 686KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 60KB - Virtual size: 58KB