0121a758d424e7430a66e0ba1677343d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0121a758d424e7430a66e0ba1677343d_JaffaCakes118
Size

204KB
MD5

0121a758d424e7430a66e0ba1677343d
SHA1

79d0d30fdf3390c24ab9b322393b52567efe3548
SHA256

9ddebd0d8b98d6d940e84ac9989c30529d7ed1cf1480888b00cb36244222640c
SHA512

a1a36276f653a3c09e9bda888d8695613e3cc2b0ba86edab189f2c832afe940659a4953675fd1b040e2b1767bbe8f9b180ac61ee877cd93ab935fe37e0bfea28
SSDEEP

6144:a9oSTOA7gRHAuu4Q05fX1tLSFY4WZY3G:aqSHGAuPQ05/1oY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0121a758d424e7430a66e0ba1677343d_JaffaCakes118

Files

0121a758d424e7430a66e0ba1677343d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f60ac9e818fd2361fd126197f7ba9d0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetOEMCP
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
HeapReAlloc
GetCommandLineA
ExitProcess
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
SetLastError
GlobalFree
FormatMessageA
LocalFree
CloseHandle
GlobalAddAtomA
GetCurrentThread
GlobalDeleteAtom
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
GetVersion
LockResource
lstrcpyW
GetCurrentThreadId
lstrcmpA
GetCurrentProcess
FlushInstructionCache
HeapAlloc
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
lstrcatA
GetModuleFileNameA
lstrcpyA
lstrcpynA
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
lstrlenA
GetProcessHeap
HeapFree
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsBadWritePtr
InterlockedExchange

user32

WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
GetSystemMetrics
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
CharNextA
UnregisterClassA
DefWindowProcA
MessageBoxA
ShowWindow
DestroyWindow
IsWindow
SetWindowLongA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
PostMessageA
PostQuitMessage
DestroyMenu
GetSysColorBrush
GetWindowLongA
CallWindowProcA
SendMessageA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
DestroyAcceleratorTable
ReleaseCapture
SetCapture
FillRect
GetClientRect
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
GetDesktopWindow
GetSysColor
EndPaint
BeginPaint
SetFocus
GetWindow
IsChild
GetFocus
GetDlgItem
RedrawWindow
SetWindowPos
wsprintfA
CreateWindowExA
CreateAcceleratorTableA
GetParent
GetClassNameA

gdi32

ScaleWindowExtEx
Escape
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
DeleteObject
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
SetViewportOrgEx

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CoInitialize
CoUninitialize
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantClear
VariantInit
SysAllocStringLen
VarUI4FromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
VarBstrCat

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f60ac9e818fd2361fd126197f7ba9d0a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 20KB - Virtual size: 18KB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 20KB - Virtual size: 18KB