f66124fdbcd7daaf292973404d122e43_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f66124fdbcd7daaf292973404d122e43_JaffaCakes118
Size

172KB
MD5

f66124fdbcd7daaf292973404d122e43
SHA1

febdcfc15d41f4eb80142337f3b96180eb017d24
SHA256

77f68d5650b68bc4ce25a0f1cf873a3882056701d8f0bb10294506034f4168f0
SHA512

6f0c95a76e9a8dbd108e0d015d9da64a19056155b10292c372b88d84f1ad9588475ef2360180c7240cd3448db170a5ea2adcd26596fc306575c2287af5a2b673
SSDEEP

3072:2AICVEzP+aeqS75yqzpRQfp/XoNdAf24MEBJTOHXTyn0:h6H2yqVoQAftMEPOHXTyn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f66124fdbcd7daaf292973404d122e43_JaffaCakes118

Files

f66124fdbcd7daaf292973404d122e43_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

fd2c9e7e89d46d5641231f3c8cfcf681

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

wcscmp
free
malloc
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
strerror
??0exception@@QAE@ABV0@@Z
isalpha
_onexit
__dllonexit
strtol
atoi
tmpnam
fopen
fwrite
fclose
islower
strtok
toupper
srand
strstr
?what@exception@@UBEPBDXZ
wcslen
??1exception@@UAE@XZ
??0exception@@QAE@XZ
strchr
_CxxThrowException
__CxxFrameHandler
isxdigit
isupper
__mb_cur_max
wctomb
printf
??2@YAPAXI@Z
??3@YAXPAX@Z
ispunct
isspace
tolower
isalnum
isgraph
strncpy

user32

wsprintfA
EnumWindows
EnumChildWindows
OpenClipboard
GetClassNameA
DispatchMessageA
TranslateMessage
RegisterClassExA
SetWindowPos
GetMessageA
ShowWindow
CloseClipboard
KillTimer
SystemParametersInfoA
SetTimer
DefWindowProcA
GetWindowThreadProcessId
CreateWindowExA

netapi32

Netbios

rpcrt4

UuidToStringA

oleaut32

SysAllocString
SysFreeString
VariantClear
GetErrorInfo

shlwapi

SHGetValueA
SHSetValueA
StrStrIA

winmm

timeGetTime

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoInitialize
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegCloseKey

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

wininet

HttpQueryInfoA
InternetOpenA
InternetSetOptionA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

kernel32

QueryPerformanceFrequency
GetProcessTimes
GetCurrentProcess
GetSystemInfo
lstrcpyA
QueryPerformanceCounter
FreeLibrary
GetProcAddress
LoadLibraryA
HeapFree
GetProcessHeap
GetModuleFileNameA
GetTickCount
GetLocalTime
GetCurrentDirectoryA
GetWindowsDirectoryA
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrlenA
SleepEx
GetModuleHandleA
GetLastError
GetThreadTimes
Sleep
GetCurrentThread
SetLastError
GetFullPathNameA
LocalFree
FormatMessageA
HeapSize
HeapAlloc
GetVersion
GetSystemDirectoryA
lstrcpynA
lstrcmpiA
lstrcmpA
CloseHandle
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
CreateFileA
GetCurrentProcessId
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
GetVersionExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd2c9e7e89d46d5641231f3c8cfcf681

Headers

File Characteristics

Imports

msvcrt

user32

netapi32

rpcrt4

oleaut32

shlwapi

winmm

version

ole32

advapi32

psapi

wininet

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 24KB - Virtual size: 26KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 24KB - Virtual size: 26KB

.reloc
Size: 12KB - Virtual size: 8KB