fcccf684bb1ed45bb144c83dd3fd701c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fcccf684bb1ed45bb144c83dd3fd701c_JaffaCakes118
Size

132KB
MD5

fcccf684bb1ed45bb144c83dd3fd701c
SHA1

24fe3bd059ce0cf492a56d11c29a1235a6b0e9dc
SHA256

01bbc1e33454f3c3b0239ad5eb0107808010cb59ca933a69b625b3c591b23174
SHA512

9340cbecf613e89b8c0e5d01d32c5c2c9e0b1c3d7974b451a50077b97ce29cddf26c6273713dd800e7f5af58ff2c607f27bdf526cb17362a2493a61a73244c4e
SSDEEP

1536:+EhuXYS7OkFbxcvXhzbXjcUzMrxw+IZCu85xOfpJScOuDjiWICS4AXoMj7JsLa94:+EhM7OktINbXmx1IdNxDkPj7JP9jGT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcccf684bb1ed45bb144c83dd3fd701c_JaffaCakes118

Files

fcccf684bb1ed45bb144c83dd3fd701c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

b7913d0d3db88bf1a082bde05d46a4a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIA
SHGetValueA
SHSetValueA

oleaut32

SysAllocString
VariantClear
GetErrorInfo
SysFreeString

msvcrt

free
malloc
??3@YAXPAX@Z
fclose
fwrite
fopen
tmpnam
??2@YAPAXI@Z
atoi
strtol
strchr
strncpy
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
isalnum
isxdigit
islower
srand
strstr
isupper
strerror
strtok
toupper
wcscmp
wcslen
?what@exception@@UBEPBDXZ
_stricmp
ispunct
tolower
__mb_cur_max
wctomb
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_CxxThrowException
isspace
isalpha
isgraph
printf
??0exception@@QAE@ABV0@@Z

rpcrt4

UuidToStringA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc

netapi32

Netbios

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

ShowWindow
DefWindowProcA
SetTimer
KillTimer
SetWindowPos
SystemParametersInfoA
DispatchMessageA
TranslateMessage
GetMessageA
GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
CloseClipboard
wsprintfA
RegisterClassExA
CreateWindowExA
OpenClipboard

winmm

timeGetTime

advapi32

RegCloseKey
SetSecurityInfo
SetEntriesInAclA
GetSecurityInfo
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA

wininet

InternetReadFile
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetCloseHandle
HttpQueryInfoA

kernel32

DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
WaitForSingleObject
CloseHandle
MoveFileExA
GetLocalTime
GetSystemDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAllocEx
OpenProcess
SleepEx
GetLastError
GetProcessTimes
GetCurrentProcess
LocalFree
GetWindowsDirectoryA
HeapFree
GetCurrentDirectoryA
GetVersion
Sleep
HeapSize
HeapAlloc
GetProcessHeap
CreateRemoteThread
GetTickCount
FormatMessageA
GetModuleFileNameA
CreateFileA
GetSystemInfo
GetCurrentProcessId
GetModuleHandleA
lstrcpynA
GetFullPathNameA
GetThreadTimes
GetCurrentThread
GetVersionExA
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcpyA
lstrlenA
MultiByteToWideChar
GetEnvironmentVariableA
SetLastError
InterlockedExchange
lstrcmpiA
lstrcmpA
WriteProcessMemory

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7913d0d3db88bf1a082bde05d46a4a2

Headers

File Characteristics

Imports

shlwapi

oleaut32

msvcrt

rpcrt4

psapi

ole32

netapi32

version

user32

winmm

advapi32

wininet

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 16KB - Virtual size: 16KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 16KB - Virtual size: 16KB

.reloc
Size: 8KB - Virtual size: 6KB