12c7f925d405ede6cce5a3ddc68607bb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

12c7f925d405ede6cce5a3ddc68607bb_JaffaCakes118
Size

2.4MB
MD5

12c7f925d405ede6cce5a3ddc68607bb
SHA1

b4810faab28b43ac5a2967c8381b999aa2666b7d
SHA256

a36c4a37798d7aaa947fc99e9d6c53d2ce43be760f6cbcdc0812a247fd48025f
SHA512

2925d5ce3282c24c7d403076a5adbb647c3f7443810280188901bfae6184105637e4a00fb60bea1dedc96806a3632f56195245ace6711d643821dd34045e574e
SSDEEP

49152:ZOc7kIjloG1qCxF0itcVZ3RWq8YidFUvcULCGiO2xQm1sWMSziRLj3w:ExwxlxqVZv8YqFCcTGabZMoELjA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12c7f925d405ede6cce5a3ddc68607bb_JaffaCakes118

Files

12c7f925d405ede6cce5a3ddc68607bb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

45a1c8bdaab890229b6b246e88019390

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstVolumeW
FindResourceExA
GetEnvironmentVariableA
GetDateFormatW
VirtualAlloc
PostQueuedCompletionStatus
HeapDestroy
VirtualQueryEx
GlobalFindAtomA
IsBadReadPtr
GetUserDefaultLangID
SetFilePointer
HeapUnlock
CreateSemaphoreA
GetEnvironmentStrings
CreateHardLinkW
CreateMailslotW
ProcessIdToSessionId
CreateNamedPipeA
WaitNamedPipeA
FormatMessageW
AddRefActCtx
GetEnvironmentStringsW
GetModuleFileNameA
VirtualQuery
UnlockFile
SetHandleInformation
OpenMutexW
IsBadHugeReadPtr
MoveFileExW
LoadLibraryA
QueueUserAPC
CallNamedPipeA
WriteFile
SetFileApisToOEM
SetVolumeLabelW
EnumResourceLanguagesA
VirtualFree
GetProcAddress

ole32

OleCreateLink
CoGetMarshalSizeMax
CoDisableCallCancellation
CoGetClassObject
CoUnmarshalInterface
CreateFileMoniker
ReadFmtUserTypeStg
IIDFromString
BindMoniker
CoFreeUnusedLibraries
StgIsStorageFile
PropVariantCopy

user32

DialogBoxIndirectParamA
ToAscii
GetFocus
SetWindowPlacement
CreateCaret
GetMenuStringW
LookupIconIdFromDirectory
SetDlgItemTextA
UnregisterClassW
GetDC
MessageBoxA
EndDialog
GetSubMenu
DrawTextW
SendMessageA
SetClassLongW
DeleteMenu
GetSystemMenu
ShowWindowAsync
SetMenuItemBitmaps
IsZoomed
ShowWindow
GetWindowRect
ChildWindowFromPointEx
CallMsgFilterW
wsprintfA
RemoveMenu
SetScrollRange
SetCapture
SetWindowLongA
GetMenuDefaultItem
SetProcessDefaultLayout
DrawTextA
GetWindowDC
GetWindowRgn

shlwapi

PathIsPrefixW
PathCanonicalizeW
PathAddBackslashA
UrlEscapeW
StrCatBuffW
StrCmpIW
PathIsUNCServerShareW
StrStrW
SHSetValueA

advapi32

RegNotifyChangeKeyValue
RegOpenKeyA
ReportEventA
ImpersonateLoggedOnUser
SaferGetPolicyInformation
StartServiceW
ImpersonateSelf
RegEnumKeyExA
RegQueryValueExW
RegEnumValueA
ImpersonateAnonymousToken
NotifyChangeEventLog
OpenSCManagerA
QueryServiceStatusEx
CreateProcessAsUserA
RegDeleteValueW

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
ExtractIconExA
SHChangeNotify
SHCreateDirectoryExW
SHFileOperationA
ShellAboutW

gdi32

PolyBezier
ExtCreateRegion
WidenPath
GetTextCharset
TranslateCharsetInfo
SetArcDirection
ExtTextOutA
ResetDCA
UnrealizeObject
FillPath
RemoveFontResourceA
CreateRectRgnIndirect
GetTextCharacterExtra
DeleteMetaFile
ResizePalette
AddFontResourceW
FlattenPath
RemoveFontResourceW
SetMetaRgn
Pie
CreatePatternBrush
SetMetaFileBitsEx
GetWindowOrgEx
GetTextExtentPoint32A
Escape
CloseMetaFile
GetBkMode
GetPixelFormat

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 660KB - Virtual size: 658KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45a1c8bdaab890229b6b246e88019390

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 660KB - Virtual size: 658KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 60KB - Virtual size: 58KB

.text
Size: 660KB - Virtual size: 658KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 60KB - Virtual size: 58KB