fc78e2dce3e6155f8d337bf608317c43_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc78e2dce3e6155f8d337bf608317c43_JaffaCakes118
Size

144KB
MD5

fc78e2dce3e6155f8d337bf608317c43
SHA1

2b442c467660c9e56eb8e649c802e715445dccdc
SHA256

fb4adb81f52e81d62dc262c40f8bdaa038ca80f746caca65a2d8b92a411f393e
SHA512

512a139ac1d600e6ef69dc3d94ede85878adfa45b102b207e3f4d825611bb90fb8efaf99e0c39ade479071b67d9d4b1bb82451de3dbb2a3e3faea4a41ff9f434
SSDEEP

3072:42/uZ3jZrg+EKpAVdEVGbM8/TnaPdCiu12zm0o25HIT:kGuGbdYjr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc78e2dce3e6155f8d337bf608317c43_JaffaCakes118

Files

fc78e2dce3e6155f8d337bf608317c43_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0e8457931e6025970696e9132a5b6516

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

LockResource
GetWindowsDirectoryA
GetProcAddress
FindResourceA
LoadResource
InterlockedIncrement
GetLastError
InterlockedDecrement
GetFileAttributesA
GetModuleFileNameA
lstrcatA
DisableThreadLibraryCalls
GetVersion
InitializeCriticalSection
lstrcpynA
DeleteCriticalSection
FreeLibrary
GlobalAlloc
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
IsDBCSLeadByte
GlobalFree
CloseHandle
LoadLibraryA
GetLocaleInfoA
lstrcmpiA
MulDiv
GetProcessHeap
HeapFree
lstrlenA
WideCharToMultiByte
lstrlenW
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
HeapAlloc
MultiByteToWideChar

user32

OffsetRect
ClientToScreen
IntersectRect
SetWindowRgn
GetActiveWindow
EqualRect
PtInRect
CallWindowProcA
ReleaseCapture
SetCapture
GetCapture
ScrollWindowEx
BeginPaint
MoveWindow
UpdateWindow
IsWindowEnabled
InflateRect
GetWindowTextA
SetWindowTextA
UnregisterClassA
DestroyWindow
CharNextA
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
IsWindow
MessageBeep
MessageBoxA
SetFocus
IsWindowVisible
GetClientRect
EndPaint
SetWindowLongA
DefWindowProcA
RegisterClassA
GetWindowLongA
ShowWindow
SetParent
LoadStringA
GetKeyState
wsprintfA
WinHelpA
GetWindow
IsDialogMessageA
SetWindowPos
InvalidateRect
GetFocus
CheckDlgButton
SetRect
DrawFocusRect
LoadBitmapA
MapDialogRect
IsDlgButtonChecked
EnableWindow
GetDC
GetSysColor
FillRect
DrawEdge
DrawTextA
ReleaseDC
ValidateRect
GetDlgItem
GetWindowRect
ScreenToClient
SendMessageA
GetParent
CreateDialogIndirectParamA
GetNextDlgTabItem
IsChild
CreateWindowExA

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
LoadTypeLibEx
UnRegisterTypeLi
SysAllocStringLen
RegisterTypeLi
GetErrorInfo
LoadTypeLi
SysAllocString
OleCreatePictureIndirect
VariantChangeType
OleLoadPicture
OleTranslateColor
SysStringLen
VariantInit
VariantClear
OleCreateFontIndirect
CreateErrorInfo
SysFreeString

comdlg32

GetOpenFileNameA
ChooseColorA

gdi32

CreateRectRgnIndirect
GetPixel
CreateCompatibleDC
GetViewportExtEx
CreateBitmap
SetWindowOrgEx
SetViewportOrgEx
CreateDCA
SetViewportExtEx
SetMapMode
SetWindowExtEx
GetWindowExtEx
DeleteObject
LPtoDP
GetDeviceCaps
CreateICA
DeleteDC
SetBkColor
SetTextColor
SelectObject
GetObjectA
ExtTextOutA
CreateSolidBrush
CreateFontIndirectA
EnumFontFamiliesA
GetTextExtentPoint32A
BitBlt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e8457931e6025970696e9132a5b6516

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.idata Size: 60KB - Virtual size: 56KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 60KB - Virtual size: 56KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB