fd32d92f5645a8c651b66ee80c5d1e86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd32d92f5645a8c651b66ee80c5d1e86_JaffaCakes118
Size

436KB
MD5

fd32d92f5645a8c651b66ee80c5d1e86
SHA1

0938e18226c132c829e5e8cbfb2da00549eca2db
SHA256

cc2beb41e2e885940228f70bc933b6c1bf3cf18632a6b98933adcfeefb83031d
SHA512

7c1c6a3947e88c72df5873a5fe213cabedcd9830eb7adb45e3ca7a652fe8a828b932ddb96ea6da78126e5cd4081f7873a70650816d46c0658fea842f9c626d07
SSDEEP

6144:g5jiDSecHrdqrGTtri/VNIaLH6pDuOVkAK17OgJhufuZO06zOY5cp2:oYHGGVZ+eAKAgJhufc6zOY5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd32d92f5645a8c651b66ee80c5d1e86_JaffaCakes118

Files

fd32d92f5645a8c651b66ee80c5d1e86_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

ca15fed400d6b00669218f964fe2c21f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
SetLastError
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
LoadLibraryA
GlobalFree
GlobalHandle
LockResource
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringA
GetLocaleInfoA
GlobalLock
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GlobalUnlock
GetModuleFileNameW
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
GetLastError
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
HeapReAlloc
HeapDestroy
HeapCreate
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LoadLibraryW
WideCharToMultiByte
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle

user32

GetFocus
UnregisterClassA
SetWindowLongW
GetWindowLongW
CharNextW
DefWindowProcW
GetSysColor
MoveWindow
SetWindowPos
GetClientRect
ClientToScreen
MapWindowPoints
MapDialogRect
SetWindowContextHelpId
IsWindowVisible
GetTopWindow
CreateDialogParamW
CreateDialogIndirectParamW
BringWindowToTop
GetWindowRect
ShowWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
ScreenToClient
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
IsWindow
SendMessageW
CreateAcceleratorTableW
GetWindow
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC

gdi32

GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
GetStockObject

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

OleUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleInitialize

oleaut32

DispCallFunc
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantCopy
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca15fed400d6b00669218f964fe2c21f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 339KB - Virtual size: 338KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 40KB - Virtual size: 39KB

.text
Size: 339KB - Virtual size: 338KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 39KB