f5eb915746f5f8b0bda6f53a0044f444_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f5eb915746f5f8b0bda6f53a0044f444_JaffaCakes118
Size

108KB
MD5

f5eb915746f5f8b0bda6f53a0044f444
SHA1

c644ef3c5f4ba03400fc8d20897bdaadfe709bc4
SHA256

ea078d0a89934a255c580b8c1397422b40c0909244b7422374540f699fe61bce
SHA512

24d26148d5597fa347837a5c4b2ae51d11e58a08d612a43ce1632e69a928a8a812bee0d5ab9f32f07ee8954ec314933ec74e3c4c7875dc34b61cecea42c7d957
SSDEEP

1536:oxVKEUABdbUE0NK7e+8PeWK8zd3uquGdEjEve9AGxDtznKS6xxhbdG:oxYicK7e+8PjbzdeJGqjoe9vtznKBxG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5eb915746f5f8b0bda6f53a0044f444_JaffaCakes118

Files

f5eb915746f5f8b0bda6f53a0044f444_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

821568f31ae4afe82abd79a2555970a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
CreateMutexA
HeapAlloc
GetModuleFileNameA
GetProcAddress
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
MoveFileA
Sleep
GetLastError
InterlockedIncrement
GetTickCount
WaitForSingleObject
CreateFileA
MapViewOfFile
ReadFile
InterlockedDecrement
WriteFile
CreateProcessA
GetProcessHeap
CreateThread
CopyFileA
GetCurrentProcessId
GetModuleHandleA
HeapFree
AddAtomW
LocalSize
HeapValidate
InterlockedCompareExchange
CreateWaitableTimerW
GetFileAttributesA
TryEnterCriticalSection
GetProfileSectionA
GetVolumePathNamesForVolumeNameW
SetVolumeLabelW
PeekNamedPipe
IsProcessorFeaturePresent
GetTimeFormatA
FindNextFileA
GetFileAttributesExA
GetExitCodeThread
ResetEvent
GetConsoleMode
CreateEventA
PostQueuedCompletionStatus
GetProfileIntA
RemoveDirectoryA
CreateWaitableTimerA
OpenSemaphoreA
SwitchToThread
GetEnvironmentStringsW
GetAtomNameW
AddAtomA
GetSystemTime
SleepEx
GetVersionExA
HeapSize
SetVolumeMountPointW
SetConsoleMode
GetDateFormatA
SetFileAttributesA
SetConsoleCtrlHandler
HeapDestroy
WaitNamedPipeW
GetLogicalDriveStringsW
LCMapStringA
IsValidLanguageGroup
SetErrorMode
GetStdHandle
GetSystemDirectoryA
GetFileAttributesW
FindNextChangeNotification
FindFirstVolumeW
GetStringTypeA
GetSystemDirectoryW
PurgeComm
ReplaceFileW
IsBadHugeWritePtr
GetBinaryTypeA
IsWow64Process
GlobalFlags
MoveFileExW
SetFilePointerEx
HeapCreate
GetVersion
HeapReAlloc
WriteConsoleA
SetCurrentDirectoryA
HeapUnlock
CompareFileTime
GetTimeFormatW
SetHandleInformation
WriteConsoleW
GetStartupInfoA
GetTempPathA
lstrcmpA
FindResourceA
GetFullPathNameA
GlobalFindAtomA
FreeResource
FreeEnvironmentStringsW
GetLargestConsoleWindowSize
WaitForSingleObjectEx
SetInformationJobObject
WriteFileEx
SetEvent
SearchPathW
LocalFileTimeToFileTime
GetTempFileNameA
HeapWalk
SetConsoleTitleA
OpenEventW
GetStringTypeExA
GetEnvironmentVariableA
CreateSemaphoreA
GlobalGetAtomNameA
HeapLock
MoveFileW
LoadResource
ExpandEnvironmentStringsW
GetFullPathNameW
LockResource
GetStringTypeExW
GetUserDefaultLCID
FileTimeToSystemTime
lstrlenA
RemoveDirectoryW
DeviceIoControl
GetVolumePathNameW
FindAtomW
GetThreadContext
SetHandleCount
WaitForMultipleObjectsEx
SetConsoleTextAttribute
UnlockFileEx
SetComputerNameA
ConvertDefaultLocale
CreateFileMappingW
LocalLock
CreateProcessW
WriteProfileStringW

ole32

CoCreateInstance
OleSetContainedObject
CoTaskMemFree
CoInitialize
MkParseDisplayName
CoSwitchCallContext
ReadFmtUserTypeStg
CreateDataCache
CoRevertToSelf
OleRun
CreateFileMoniker
CoAllowSetForegroundWindow
CoMarshalInterThreadInterfaceInStream
CoDisconnectObject
RevokeDragDrop
OleInitialize
CreateAntiMoniker
CoCreateInstanceEx
PropVariantClear
OleCreateFromData
IIDFromString
StringFromIID
CoGetMarshalSizeMax
OleQueryCreateFromData
OleCreateStaticFromData
CreateILockBytesOnHGlobal
OleDestroyMenuDescriptor
OleDuplicateData
CoMarshalInterface
StgIsStorageILockBytes
CoCreateFreeThreadedMarshaler
GetRunningObjectTable
OleRegEnumVerbs
BindMoniker
CoEnableCallCancellation
OleLoad

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

821568f31ae4afe82abd79a2555970a7

Headers

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB