1132b2c02e41525e51f18c42bd966387_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1132b2c02e41525e51f18c42bd966387_JaffaCakes118
Size

116KB
MD5

1132b2c02e41525e51f18c42bd966387
SHA1

9b77eff737e91660a625558c5760b999ace2e5f9
SHA256

0a292cbb7599a99a93c5bc374c86862ab296f86aa4c92258bf6f4e8cade62179
SHA512

1b40d4c5d6bff11cd8f0d4c7fdb5652f8de332d9d9a091b6bd42d838ce78ef8a2adaa3cfedb79bae7d25435f21ee4a95df46f8fedd01a6dd2b751476dbbe4d42
SSDEEP

3072:r1P35GUlj5epj+iYWNbCcNBTjLherlvLGtUCijuE0cG6z:r1P35GsepjCWNbCsBHA5vLAeG6z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1132b2c02e41525e51f18c42bd966387_JaffaCakes118

Files

1132b2c02e41525e51f18c42bd966387_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

8cbb716540b40aa9c1204a10f3fff21a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDefaultUILanguage
PeekNamedPipe
WaitForSingleObjectEx
ConnectNamedPipe
GetStringTypeExW
GlobalFindAtomA
GetLocaleInfoA
DeleteTimerQueueTimer
GetLargestConsoleWindowSize
FindAtomW
AddAtomW
LoadResource
DeleteTimerQueueEx
SystemTimeToFileTime
PurgeComm
PostQueuedCompletionStatus
GlobalAddAtomW
LocalLock
SizeofResource
TerminateJobObject
OpenFile
CreateTimerQueueTimer
GetDateFormatW
FindNextVolumeMountPointW
FlushConsoleInputBuffer
FindNextVolumeW
CreatePipe
GetDiskFreeSpaceW
SetVolumeMountPointW
GetQueuedCompletionStatus
InterlockedCompareExchange
GetNumberFormatW
GetTimeFormatA
IsBadStringPtrA
OpenProcess
ReplaceFileW
LockResource
CreateDirectoryW
GlobalReAlloc
GetFileAttributesW
GetStringTypeExA
LocalFlags
RemoveDirectoryA
GetFileSize
VirtualUnlock
GetStringTypeW
FindFirstVolumeMountPointW
GetUserDefaultLCID
GetConsoleCP
FreeConsole
GetThreadTimes
WriteConsoleA
SearchPathW
TerminateProcess
GetFileInformationByHandle
WriteConsoleInputA
GetTempFileNameA
FreeLibraryAndExitThread
OpenSemaphoreA
ResetEvent
GetBinaryTypeA
GetStartupInfoW
HeapSetInformation
WriteProcessMemory
FindClose
GetComputerNameExW
SetLastError
GlobalHandle
CreateConsoleScreenBuffer
GetTempPathA
FormatMessageW
FindFirstFileA
CreateMailslotW
WriteFileEx
GetCommandLineW
IsValidLocale
GetSystemDefaultLangID
FindResourceExA
GetTimeFormatW
GetSystemTime
VerifyVersionInfoA
RtlUnwind
GetConsoleScreenBufferInfo
DisconnectNamedPipe
GetExitCodeProcess
GetProfileStringW
DeleteCriticalSection
GetProfileSectionA
GetFileAttributesExA
OpenEventW
CallNamedPipeA
CreateIoCompletionPort
FindAtomA
ConvertDefaultLocale
GetStartupInfoA
HeapWalk
SetComputerNameExW
FindCloseChangeNotification
WriteProfileStringW
EnumResourceLanguagesA
CreateMutexW
GetLogicalDriveStringsA
GetCommandLineA
GetLocalTime
SetInformationJobObject
GetDateFormatA
SetEnvironmentVariableW
lstrcmpiA
GetNumberFormatA
RtlMoveMemory
VirtualAlloc
FindNextFileW
OpenEventA
FreeResource
SetVolumeLabelW
EnumResourceLanguagesW
EnumResourceNamesA
lstrcpyA
SetFileAttributesA
GetTempFileNameW
Sleep
WaitForSingleObject
ReleaseMutex
MoveFileA
LocalFree
GetLastError
LoadLibraryA
GetCurrentProcessId
GetSystemTimeAsFileTime
EnterCriticalSection
GetModuleFileNameA
InitializeCriticalSection
LeaveCriticalSection
HeapAlloc
VirtualProtect
CloseHandle
CreateMutexA
CreateDirectoryA
GetProcessHeap
CreateFileA
WriteFile
CreateProcessA
ReadFile
GetProcAddress
HeapFree
DeleteFileA
QueueUserAPC
ExpandEnvironmentStringsA

ole32

StgOpenStorageOnILockBytes
OleQueryLinkFromData
CoDisableCallCancellation
CoSetProxyBlanket
CoTaskMemRealloc
OleRegGetUserType
IIDFromString
CreateFileMoniker
GetHGlobalFromStream
OleCreateLinkFromData
OleSaveToStream
OleRun
OleCreateLinkToFile
CreatePointerMoniker
MkParseDisplayName
GetHGlobalFromILockBytes
CoEnableCallCancellation
CoQueryProxyBlanket
StringFromIID
OleSetContainedObject
OleCreate
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

PathUnquoteSpacesW
UrlCombineW
UrlEscapeW
StrCmpNIW
UrlIsW
PathFileExistsW
PathUndecorateW
SHRegGetUSValueW
PathSkipRootW
PathIsRelativeW
StrCatBuffW
PathMakePrettyW
SHStrDupW
PathIsUNCW
SHSetValueW
PathAddBackslashA
PathIsRootW
PathAddExtensionW
PathIsURLW
StrCmpNW
StrChrA
PathIsDirectoryW
PathCompactPathExW
StrCpyNW
PathCompactPathW
PathAddBackslashW
PathGetCharTypeW
StrCmpIW
PathStripToRootW
StrRetToStrW
PathAppendA
UrlCanonicalizeW
UrlUnescapeW

gdi32

CreateICW
SetPixel
CreateScalableFontResourceA
CreatePatternBrush
CloseFigure
EndPage
GetTextFaceW
CreateDIBitmap
UnrealizeObject
StretchBlt
GetGraphicsMode
PaintRgn
GetDCOrgEx
Chord
GetCharWidthA
SetTextCharacterExtra
GetTextColor
GetCharABCWidthsW
GetGlyphOutlineW
SetICMMode
TranslateCharsetInfo
SetColorAdjustment
CreateHatchBrush
SetPixelV
GetSystemPaletteUse
AddFontResourceA
GetWinMetaFileBits
CloseMetaFile
PtVisible
GetLayout
LPtoDP
SetSystemPaletteUse
EndPath
SetTextColor
GetPixelFormat
GetTextCharset
GetBitmapBits
GetPaletteEntries
UpdateColors
GetDIBits
EnumFontsA
PlayEnhMetaFileRecord
GetGlyphOutlineA
DescribePixelFormat
Ellipse
GetTextExtentExPointW
GetTextFaceA
WidenPath
SetDCBrushColor
StrokeAndFillPath
FlattenPath
CreateFontIndirectA
GetCurrentPositionEx
StrokePath
SetMiterLimit
GetRegionData
StretchDIBits
CreateDIBSection
CopyEnhMetaFileA
ExtTextOutW
CreateEnhMetaFileW
SetBrushOrgEx
PolyBezierTo
GetCharWidthW
BitBlt
PtInRegion
ExtCreateRegion
GetViewportOrgEx
GetWorldTransform
AddFontResourceW
PatBlt
SetLayout
CreatePalette
TextOutA
StartPage
RemoveFontResourceW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cbb716540b40aa9c1204a10f3fff21a

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB