ff65ad71d9270e70f0f84373cd1e23f8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff65ad71d9270e70f0f84373cd1e23f8_JaffaCakes118
Size

148KB
MD5

ff65ad71d9270e70f0f84373cd1e23f8
SHA1

588fefdd2ec9fe0f32cfc3d3bff7e72a784888e6
SHA256

03313af589e2e0f9d254cac866a08f4f8572bb6e9e2dc3fe2923acfab72d728a
SHA512

a30fa8b36f86e5530fccf7e6a8d98ee4aaa1d882274f103494951b27ff192ab8d0759c5dfc269928971aa801883b0af36e6c332d93d7a00668d37bdb3a98b460
SSDEEP

1536:0eHh++qrYHutQGQLhg5ulTVHlKWRVcNwAisyxEeMZY87zp5CFk4Q9oyOTyx2rMaK:0InuGLhuCVUs1eH5Cocu06tWEzb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff65ad71d9270e70f0f84373cd1e23f8_JaffaCakes118

Files

ff65ad71d9270e70f0f84373cd1e23f8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ce6f77b1636462bb79371cf8ad48f3be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
CreateThread
SetFileAttributesA
CopyFileA
GetWindowsDirectoryA
GetSystemTime
GetVersionExA
WriteFile
GetFileTime
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetDriveTypeA
GetLogicalDriveStringsA
SetFileTime
WaitForSingleObject
GetExitCodeThread
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
IsDBCSLeadByte
FreeLibrary
WinExec
GetModuleHandleA
CreateProcessA
DisableThreadLibraryCalls
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
SetLastError
InterlockedExchange
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
DeleteFileA
lstrlenA
WideCharToMultiByte
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
Sleep
LoadLibraryExA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetHandleCount
SetStdHandle
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetACP
GetLocaleInfoA
GetThreadLocale
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
RtlUnwind
GetCommandLineA
HeapCreate
ExitProcess
GetStdHandle
SetUnhandledExceptionFilter

user32

UnregisterClassA
GetDesktopWindow
CreateDialogParamA
CharNextA
DestroyWindow
IsWindowVisible
PostMessageA
SetWindowLongA
KillTimer
SetTimer

advapi32

RegQueryValueExA
RegCreateKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoUninitialize
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
VariantInit
SysAllocString
VariantClear
SysAllocStringLen
SysFreeString

wininet

FindNextUrlCacheEntryA
InternetGetConnectedState
FindFirstUrlCacheEntryA
DeleteUrlCacheEntry

urlmon

URLDownloadToCacheFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce6f77b1636462bb79371cf8ad48f3be

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

urlmon

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 9KB