0fc1d332b5f250a18ac9ebfc9b3f6fa5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0fc1d332b5f250a18ac9ebfc9b3f6fa5_JaffaCakes118
Size

176KB
MD5

0fc1d332b5f250a18ac9ebfc9b3f6fa5
SHA1

c739d24601d1af7f7887d225692e4c1243615a05
SHA256

6c82bc4ad69a3c71987d7861f39112aa517012ac3d3013ead8dc94edff66e556
SHA512

acb85cf6ab7a054691639003e65c464cad31082d7e2da36e4492ae4dd626e88781e352f2e94fe3b61100b748d003f5c5785c0afa1b4c2bd852b34c14fefc7a52
SSDEEP

3072:QPvYWHZ/2TzhO6yxpkN/GAsn0CKjEJHSma7JOJknvtmm1F9ayKcUCn:wHZ/2TzhO6QTln0HUbk3n51F9L9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fc1d332b5f250a18ac9ebfc9b3f6fa5_JaffaCakes118

Files

0fc1d332b5f250a18ac9ebfc9b3f6fa5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3fd61b844fd72f3e417da586ddb6f0a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

Netbios

ole32

CoTaskMemAlloc
CoCreateInstance
CoCreateGuid
CoTaskMemFree
CoInitialize

advapi32

CryptGenRandom
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
CryptReleaseContext
CryptAcquireContextA

shlwapi

SHGetValueA
StrStrIA
SHSetValueA

winmm

timeGetTime

rpcrt4

UuidToStringA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

user32

GetClassNameA
GetWindowThreadProcessId
EnumChildWindows
EnumWindows
wsprintfA
CreateWindowExA
CloseClipboard
GetMessageA
TranslateMessage
OpenClipboard
SystemParametersInfoA
SetWindowPos
KillTimer
DispatchMessageA
DefWindowProcA
ShowWindow
RegisterClassExA
SetTimer

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

wininet

InternetOpenA
InternetCloseHandle
InternetReadFile
InternetSetOptionA
InternetOpenUrlA
HttpQueryInfoA

msvcrt

??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
printf
ispunct
islower
_CxxThrowException
??1exception@@UAE@XZ
strerror
isupper
strncpy
strchr
fclose
fwrite
fopen
tmpnam
atoi
strtol
isgraph
??3@YAXPAX@Z
isalnum
?what@exception@@UBEPBDXZ
wcscmp
tolower
isspace
strstr
toupper
strtok
isalpha
isxdigit
wctomb
__mb_cur_max
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
malloc
free
__CxxFrameHandler
??2@YAPAXI@Z
wcslen

oleaut32

SysAllocString
SysFreeString
VariantClear
GetErrorInfo

kernel32

lstrcmpA
GetCurrentProcessId
QueryPerformanceCounter
Sleep
lstrcmpiA
InterlockedExchange
GetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
GetModuleHandleA
GetSystemInfo
GetVersionExA
lstrcpynA
CreateFileA
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentDirectoryA
lstrcpyA
GetCurrentThread
GetThreadTimes
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
WaitForSingleObject
CloseHandle
MoveFileExA
FormatMessageA
LocalFree
GetFullPathNameA
SetLastError
GetLastError
HeapAlloc
HeapSize
GetVersion
HeapFree
lstrlenA
GetSystemDirectoryA
GetModuleFileNameA
GetTickCount
GetCurrentProcess
GetProcessTimes
QueryPerformanceFrequency
GetLocalTime
SleepEx
GetProcessHeap
GetWindowsDirectoryA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fd61b844fd72f3e417da586ddb6f0a9

Headers

File Characteristics

Imports

netapi32

ole32

advapi32

shlwapi

winmm

rpcrt4

version

user32

psapi

wininet

msvcrt

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 24KB - Virtual size: 27KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 24KB - Virtual size: 27KB

.reloc
Size: 12KB - Virtual size: 8KB