ff7b54d790a95a7be8f624af26a1d11f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff7b54d790a95a7be8f624af26a1d11f_JaffaCakes118
Size

128KB
MD5

ff7b54d790a95a7be8f624af26a1d11f
SHA1

06266c2a076e53eec253d733d503ce858019d687
SHA256

68063140ff8cd3de4aa85c98accddc398906a568e3563f1745f3b233e031ab6a
SHA512

89672887428a8c78b43d1e1725036f9c9ba313dfa6282baa3e261fd3b1bdd360a12fee1bf4da033fd7d1972e874897dfe6ffc6cfb5e99dc5cca005197bed2045
SSDEEP

1536:fa0fg7Qr+q8SYCGiMzc/Bh9mY+wzjgICS4AtA4fIJuOl6GAXOURrLaYz:hV+q8SYPA79mpa/AaIJuOl6lXOVY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff7b54d790a95a7be8f624af26a1d11f_JaffaCakes118

Files

ff7b54d790a95a7be8f624af26a1d11f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

565b313f11e5118d68723402176a35a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SetSecurityInfo
SetEntriesInAclA
RegCloseKey
RegOpenKeyExA
GetSecurityInfo
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

netapi32

Netbios

user32

SetWindowPos
EnumWindows
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
DefWindowProcA
SetTimer
KillTimer
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
OpenClipboard
CloseClipboard
wsprintfA
SystemParametersInfoA

oleaut32

VariantClear
GetErrorInfo
SysAllocString
SysFreeString

winmm

timeGetTime

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile

rpcrt4

UuidToStringA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateGuid

msvcrt

printf
isupper
isspace
__CxxFrameHandler
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
wcslen
wcscmp
strerror
srand
ispunct
wctomb
__mb_cur_max
isxdigit
isalnum
strncpy
isalpha
strchr
islower
isgraph
tolower
fclose
fwrite
fopen
tmpnam
atoi
toupper
strtok
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
??3@YAXPAX@Z
??2@YAPAXI@Z
malloc
free
strstr
??0exception@@QAE@ABV0@@Z
_stricmp

shlwapi

SHSetValueA
SHGetValueA
StrStrIA

kernel32

VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CreateFileA
DeleteFileA
CreateProcessA
WaitForSingleObject
MoveFileExA
InterlockedExchange
GetEnvironmentVariableA
GetCurrentProcess
GetProcessTimes
MultiByteToWideChar
SetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
GetModuleHandleA
SleepEx
GetLocalTime
GetSystemInfo
DisableThreadLibraryCalls
lstrcmpA
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVersionExA
lstrlenA
lstrcpyA
GetVersion
GetModuleFileNameA
HeapAlloc
HeapSize
FormatMessageA
LocalFree
GetEnvironmentStrings
FreeEnvironmentStringsA
GetLastError
GetProcessHeap
HeapFree
GetSystemDirectoryA
GetCurrentProcessId
GetCurrentThread
Sleep
GetThreadTimes
QueryPerformanceFrequency
GetTickCount
CloseHandle
OpenProcess
GetWindowsDirectoryA
QueryPerformanceCounter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

565b313f11e5118d68723402176a35a9

Headers

File Characteristics

Imports

advapi32

version

netapi32

user32

oleaut32

winmm

psapi

wininet

rpcrt4

ole32

msvcrt

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 24KB - Virtual size: 24KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 24KB - Virtual size: 24KB

.reloc
Size: 8KB - Virtual size: 7KB