12c4e9a5db8d21e6d74e965bcedf70a0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

12c4e9a5db8d21e6d74e965bcedf70a0_JaffaCakes118
Size

108KB
MD5

12c4e9a5db8d21e6d74e965bcedf70a0
SHA1

68e1d71201c09588ac7354432993cad0e684b991
SHA256

739e974ca44cfd5e204c5dfe8516026fb3425c9a344872ba54cbd72f4516c0b9
SHA512

9afc1693f0cba359ba9ccd7b66304f682f308cd16d01ebdefc15bd80db84fcac4fe58b882f33659b0e9849dd4da03efc7eca3c2a9cfdc2fdb602821633d86401
SSDEEP

3072:qf5gHjxBwVT+Dc6LaKwplCCIyDbmoc7P2yqr4zeJqguQ:qm3QT+DYVDbmoKgu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12c4e9a5db8d21e6d74e965bcedf70a0_JaffaCakes118

Files

12c4e9a5db8d21e6d74e965bcedf70a0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

712b2769da9b4fc3f43be528ac3f58f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetHandleInformation
ReadConsoleInputA
EscapeCommFunction
FlushFileBuffers
CancelIo
GetDateFormatW
VirtualQueryEx
GetAtomNameW
OpenProcess
lstrlenA
AddAtomW
HeapReAlloc
HeapCreate
EnumUILanguagesW
CreatePipe
OpenFileMappingA
InterlockedExchangeAdd
SetInformationJobObject
GetTapeParameters
RemoveDirectoryW
DosDateTimeToFileTime
GetDiskFreeSpaceExW
EnumResourceLanguagesA
SetLastError
GetTempFileNameA
ExitThread
FindResourceW
LockFileEx
GetStringTypeExW
GetFullPathNameW
SetEnvironmentVariableA
RegisterWaitForSingleObject
GetThreadLocale
GetProfileStringW
FindVolumeMountPointClose
GetStringTypeW
DisconnectNamedPipe
EnumResourceLanguagesW
GetModuleFileNameW
GetUserDefaultLangID
FindFirstChangeNotificationW
UnlockFileEx
TryEnterCriticalSection
GetConsoleOutputCP
GetDefaultCommConfigW
HeapUnlock
WriteConsoleA
FindResourceExW
SetCurrentDirectoryW
SetConsoleWindowInfo
GlobalGetAtomNameA
GetCurrentDirectoryA
RtlMoveMemory
GetVolumePathNameW
LocalReAlloc
GetSystemWindowsDirectoryA
VerLanguageNameW
GetFileAttributesA
FindNextVolumeW
GetFullPathNameA
GetVolumeInformationA
QueryPerformanceFrequency
GetVolumePathNamesForVolumeNameW
ExitProcess
GetUserDefaultUILanguage
GetStringTypeExA
GetEnvironmentVariableA
FreeResource
CancelWaitableTimer
GetThreadContext
IsBadCodePtr
GetVersionExW
GetThreadPriority
FindAtomA
GetCompressedFileSizeW
WriteFileEx
SleepEx
lstrcmpA
GetProfileIntW
FindFirstFileExW
GetFileAttributesW
GetStdHandle
CreateJobObjectW
GetStringTypeA
SetConsoleCursorPosition
GetModuleHandleW
GetProfileSectionA
CreateMutexW
DuplicateHandle
SetConsoleActiveScreenBuffer
ReadProcessMemory
OpenMutexA
OpenSemaphoreA
GetShortPathNameA
GlobalFlags
CreateTimerQueue
SetErrorMode
GetModuleHandleExW
SetSystemTime
GetCurrentThread
CreateMailslotW
WriteProfileStringA
HeapLock
GetTimeFormatA
GetCurrentDirectoryW
LocalLock
lstrcmpW
GetLongPathNameW
CopyFileExW
SetProcessShutdownParameters
IsValidLocale
HeapValidate
GetDriveTypeW
CreateDirectoryA
InterlockedIncrement
LocalFree
GetCurrentProcessId
InterlockedDecrement
GetTickCount
CloseHandle
CreateMutexA
VirtualProtect
ExpandEnvironmentStringsA
LeaveCriticalSection
WaitForSingleObject
LoadLibraryA
InterlockedExchange
DeleteFileA
Sleep
GetModuleHandleA
HeapAlloc
InitializeCriticalSection
VirtualQuery
CopyFileA
CreateFileMappingA
GetProcAddress
GetModuleFileNameA
AddAtomA

user32

DefMDIChildProcW
DeferWindowPos
GetUpdateRgn
SendInput
AppendMenuA
MonitorFromPoint
VkKeyScanA
CallWindowProcW
CreateAcceleratorTableW
DrawAnimatedRects
GetScrollBarInfo
GetUpdateRect
InvalidateRect
GetCaretPos
IsZoomed
DestroyMenu
GetDCEx
MessageBoxIndirectA
GetMenuItemCount
SetCaretPos
CheckMenuItem
DrawEdge
SendMessageW
LoadStringW
GetScrollRange
DrawIcon
GetWindowTextW
CharUpperBuffA
IsWindow
IsWindowVisible
EnableMenuItem
MessageBoxW
SetWindowLongW
FrameRect
CopyAcceleratorTableA
RegisterHotKey
SetWindowRgn
MsgWaitForMultipleObjectsEx
CallWindowProcA
GetProcessWindowStation
CloseWindowStation
PostThreadMessageA
CharLowerBuffW
GetProcessDefaultLayout
SetThreadDesktop
GetClassLongA
GetIconInfo
wsprintfA
LoadCursorA
GetWindowLongW
GetNextDlgGroupItem
BroadcastSystemMessageW
IntersectRect
PostQuitMessage
GetActiveWindow
ShowCursor
DefDlgProcA
CreateCaret
MapDialogRect
EnableWindow
InsertMenuItemA
DefFrameProcA
GetCursorPos
GetMenuState
GetAsyncKeyState
SetScrollInfo
FindWindowExA
CopyRect
DeleteMenu
CallMsgFilterW
ReleaseCapture
DestroyIcon
ScrollWindow
UnhookWindowsHook
CharLowerA
ExitWindowsEx
TranslateMDISysAccel
GetUserObjectInformationA
GetShellWindow
FreeDDElParam
SetCursor
GetDoubleClickTime
SetMenu
ChildWindowFromPointEx
LoadMenuW
GetMenuStringA
GetDlgCtrlID
UpdateWindow
GetWindowTextLengthW
ShowWindow
GetWindowRgn
FindWindowW
CharPrevW
LoadImageW
ToAsciiEx
LoadBitmapW
MapVirtualKeyA
GetTabbedTextExtentA
GetLastActivePopup
TranslateAcceleratorA
GetAncestor
DefMDIChildProcA
GetSysColorBrush
SetWindowPlacement
MessageBoxExW
GetComboBoxInfo
GetThreadDesktop
RemoveMenu
GetKeyNameTextA
CharUpperW
ChangeMenuA
EndPaint
CharLowerW
DrawTextExA
CheckMenuRadioItem
DialogBoxIndirectParamW
CreateIcon
GetDialogBaseUnits
GetInputState
SendMessageTimeoutW
GetClassInfoA
GetForegroundWindow
CharToOemA
GetWindowContextHelpId
IsMenu
SubtractRect
LoadAcceleratorsW
GetClassInfoW
GetWindowThreadProcessId
CallNextHookEx
RegisterClassExA
SendMessageA
UnhookWindowsHookEx
SetWindowLongA
GetWindowLongA
DefWindowProcA
GetClassNameA
PeekMessageA
DispatchMessageA
CreateDialogParamW

advapi32

LookupAccountNameA
RegCreateKeyExA
RegEnumKeyExA
SetNamedSecurityInfoA
RegCloseKey
ConvertSidToStringSidA
GetSecurityDescriptorSacl
RegSetValueExA
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegLoadKeyA
RegEnumValueW
RegUnLoadKeyA
OpenEventLogA
RegisterServiceCtrlHandlerExA
EnumDependentServicesA
OpenThreadToken
NotifyBootConfigStatus
DuplicateTokenEx
RevertToSelf
RegSetValueW
ReadEventLogW
CloseServiceHandle
RegCreateKeyA
ChangeServiceConfigW
CreateServiceA
GetAclInformation
CreateProcessWithLogonW
RegOpenKeyW
GetTokenInformation
QueryServiceLockStatusW
SetThreadToken
QueryServiceStatusEx
ChangeServiceConfigA
SetEntriesInAclA
RegSaveKeyW
RegReplaceKeyW
RegSetValueExW
RegQueryValueExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

712b2769da9b4fc3f43be528ac3f58f4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB