04cf32ef45b0b599b8c42f39a0d40fcf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

04cf32ef45b0b599b8c42f39a0d40fcf_JaffaCakes118
Size

264KB
MD5

04cf32ef45b0b599b8c42f39a0d40fcf
SHA1

3c0357cf1085c3a6f044b2090fc759d890d69b68
SHA256

fc9a9ddf404569be9c187f6c2adf945ce7aed39c91e4b4e794a6a30de53b4703
SHA512

4d955216bad5389784599bc848d4b0c597cc93be148751bd2c18c2239d0aedc45e76aa148b416c8e2c2a40f3a8d3f765d4c06ec09236f86e2191ba4db0efa5f3
SSDEEP

6144:bBSGldF7k/gR2gy49OPouSJJ1r22TJYnJe:cGldF7k/afC1yu2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04cf32ef45b0b599b8c42f39a0d40fcf_JaffaCakes118

Files

04cf32ef45b0b599b8c42f39a0d40fcf_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

678c0342f62e0c0834b7c9bf7708be3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

?terminate@@YAXXZ
free
??3@YAXPAX@Z
realloc
??2@YAPAXI@Z
__CxxFrameHandler
_purecall
_ftol
wcscmp
??1type_info@@UAE@XZ
_CxxThrowException
wcslen
memmove
_initterm
_except_handler3
_onexit
__dllonexit
malloc
_adjust_fdiv

kernel32

DisableThreadLibraryCalls
lstrlenA
SizeofResource
LoadResource
FindResourceW
GetLastError
LoadLibraryExW
GetShortPathNameW
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
IsBadWritePtr
IsBadCodePtr
IsBadReadPtr
GlobalLock
WideCharToMultiByte
GetTickCount
GlobalUnlock
GlobalAlloc
GetUserDefaultLangID
LoadLibraryW
HeapCreate
HeapReAlloc
MultiByteToWideChar
lstrlenW
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
lstrcpynW
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
lstrcatW
GetModuleFileNameW
FreeLibrary
GetProcAddress

user32

ShowCursor
GetCursorInfo
PostMessageW
IsWindowEnabled
GetCapture
ReleaseCapture
SetCapture
KillTimer
SetTimer
GetMessageExtraInfo
GetCursorPos
ScreenToClient
GetClassInfoW
RegisterClassW
GetDoubleClickTime
UnregisterClassW
GetSystemMetrics
TranslateMessage
DispatchMessageW
MessageBeep
WindowFromDC
GetClientRect
ValidateRect
SetRect
GetSysColor
FillRect
InflateRect
SetFocus
CreateWindowExW
IntersectRect
OffsetRect
SetWindowRgn
SetWindowPos
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
SetParent
GetParent
EnableWindow
IsWindowVisible
UpdateWindow
SendMessageW
ShowWindow
InvalidateRect
CallWindowProcW
GetWindowLongW
SetWindowLongW
GetFocus
IsChild
DefWindowProcW
DestroyAcceleratorTable
GetKeyState
IsWindow
DestroyWindow
UnionRect
PtInRect
GetDC
ReleaseDC
CharNextW
EqualRect

advapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
GetHGlobalFromStream
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
OleCreatePropertyFrame
VariantClear
SysAllocStringLen
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysReAllocStringLen
VariantInit
OleLoadPicture
OleTranslateColor
OleCreatePictureIndirect
SafeArrayCopy
SafeArrayPutElement
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetVartype
DispCallFunc
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCreateVector
OleCreateFontIndirect

gdi32

GetClipBox
SetViewportExtEx
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
PatBlt
StretchBlt
GetObjectType
CreateSolidBrush
DeleteObject
CreateEnhMetaFileW
SetWindowExtEx
CloseEnhMetaFile
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

678c0342f62e0c0834b7c9bf7708be3f

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 88KB

.data Size: 65KB - Virtual size: 65KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 88KB

.data
Size: 65KB - Virtual size: 65KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 7KB - Virtual size: 6KB