fbf176ed9c3471d8cb3abcdc98e6289e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fbf176ed9c3471d8cb3abcdc98e6289e_JaffaCakes118
Size

144KB
MD5

fbf176ed9c3471d8cb3abcdc98e6289e
SHA1

4c74a112e800a8018e93896e3480f7e5b3426188
SHA256

4216380dc6b9ef40f31db740dc79afded40c740384230eff58a0d5b7f62abab1
SHA512

76b812dc5c0a9f7db853ffc19f3864ace2c25aeb7f77a6f5a121d3e0737a1bb8870d69cc5573ae85fa5a05b7efdd9922112a1a1e2236010335d61595155f7fc6
SSDEEP

3072:knB3n/V9StPCCsFYuHnQoEiH+e+BPLAsOETJkY5OrtvQ:knNn/TFYu1yBPLKExCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbf176ed9c3471d8cb3abcdc98e6289e_JaffaCakes118

Files

fbf176ed9c3471d8cb3abcdc98e6289e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7187161980c61ef8dc7bb12370a01285

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
strstr
wcscmp
wcslen
?what@exception@@UBEPBDXZ
isgraph
strerror
srand
ispunct
strtok
toupper
strtol
atoi
tmpnam
_stricmp
fopen
fwrite
fclose
__mb_cur_max
wctomb
isupper
tolower
isalpha
malloc
free
printf
isspace
islower
strncpy
strchr
isxdigit
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
isalnum
??0exception@@QAE@ABV0@@Z
__dllonexit

winmm

timeGetTime

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

netapi32

Netbios

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateGuid
CoCreateInstance

user32

EnumChildWindows
EnumWindows
wsprintfA
SystemParametersInfoA
OpenClipboard
GetWindowThreadProcessId
GetMessageA
ShowWindow
TranslateMessage
CreateWindowExA
RegisterClassExA
DefWindowProcA
SetTimer
KillTimer
CloseClipboard
DispatchMessageA
GetClassNameA
SetWindowPos

rpcrt4

UuidToStringA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
HttpQueryInfoA
InternetReadFile

kernel32

InterlockedExchange
QueryPerformanceFrequency
GetTickCount
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
CloseHandle
GetProcessTimes
GetCurrentProcess
Sleep
OpenProcess
GetCurrentProcessId
LocalFree
FormatMessageA
HeapFree
SetLastError
lstrlenA
GetFullPathNameA
GetVersion
GetWindowsDirectoryA
HeapSize
HeapAlloc
GetProcessHeap
SleepEx
GetModuleFileNameA
lstrcpyA
GetThreadTimes
GetCurrentThread
FreeEnvironmentStringsA
GetEnvironmentStrings
GetVersionExA
lstrcmpiA
lstrcmpA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
MoveFileExA
WaitForSingleObject
CreateProcessA
DeleteFileA
GetSystemDirectoryA
GetLocalTime
QueryPerformanceCounter
CreateFileA
MultiByteToWideChar
lstrcpynA
GetModuleHandleA
GetCurrentDirectoryA
GetSystemInfo
GetEnvironmentVariableA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7187161980c61ef8dc7bb12370a01285

Headers

File Characteristics

Imports

advapi32

oleaut32

msvcrt

winmm

shlwapi

psapi

version

netapi32

ole32

user32

rpcrt4

wininet

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB