136c07865a3855c1eab19666e56fde86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

136c07865a3855c1eab19666e56fde86_JaffaCakes118
Size

132KB
MD5

136c07865a3855c1eab19666e56fde86
SHA1

a0ff86268597f2d0f5628261a44be91f4f153bef
SHA256

682b4b5784106f61b5fe0d386b53a9ce3273ee7182ef83f34a245cc25b5789ef
SHA512

60f78465a0ec133bb1a4770f6f60776617d513008c1134d792cbae138e8c90c9a268e8845f622390e627ad1a1d22a969616747c5153e9d9815f9de5cc56eae56
SSDEEP

3072:cYmLFf6RDX/gJbd9w3PpDAoVgWFTz+GxdvhDjtLdFjM:cYmLgrgF8Pp4WF+0dvrjM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
136c07865a3855c1eab19666e56fde86_JaffaCakes118

Files

136c07865a3855c1eab19666e56fde86_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

6b5d625a8a3727ead97cb31a541bd58c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeExW
GetCommandLineW
GetWindowsDirectoryW
GetVolumeNameForVolumeMountPointW
FileTimeToLocalFileTime
TerminateThread
TerminateProcess
ReplaceFileW
ExitThread
GetSystemInfo
LocalAlloc
OpenFileMappingA
GetTimeFormatA
ExitProcess
OpenJobObjectW
GetDriveTypeW
LocalFileTimeToFileTime
HeapLock
VirtualQueryEx
FindClose
GetDateFormatW
GetLongPathNameW
LocalFlags
LoadResource
GetSystemDefaultUILanguage
GetTimeZoneInformation
SetCurrentDirectoryW
GetEnvironmentVariableW
GetTempPathA
FindFirstFileA
CompareFileTime
GetFileAttributesA
EnumSystemLocalesA
GetAtomNameW
DosDateTimeToFileTime
FindAtomW
FindCloseChangeNotification
RtlMoveMemory
AssignProcessToJobObject
lstrcpyW
EnumResourceLanguagesA
SwitchToThread
GetSystemWindowsDirectoryA
GetFileType
GetFullPathNameA
OpenMutexW
OpenFile
IsBadHugeReadPtr
UnlockFile
CreateEventA
VerLanguageNameW
lstrcmpA
GlobalReAlloc
SetVolumeLabelA
GlobalFree
SetInformationJobObject
GetTapeParameters
lstrcpyA
GetEnvironmentVariableA
HeapValidate
GlobalDeleteAtom
AddAtomA
QueryPerformanceFrequency
GetVolumeInformationW
GetStartupInfoW
CreateConsoleScreenBuffer
DeleteTimerQueueEx
WaitForMultipleObjectsEx
SetEndOfFile
AreFileApisANSI
IsValidCodePage
GetDriveTypeA
FindResourceA
CancelWaitableTimer
LocalReAlloc
GetSystemDefaultLangID
GetCurrentDirectoryW
GetBinaryTypeA
CreateJobObjectW
VirtualFree
IsValidLocale
IsBadCodePtr
FlushViewOfFile
FindAtomA
FindFirstChangeNotificationW
GetFileAttributesExW
QueueUserAPC
IsBadStringPtrA
GetFileSize
IsBadHugeWritePtr
GetAtomNameA
GetComputerNameExW
InterlockedExchangeAdd
UnregisterWaitEx
BindIoCompletionCallback
SetFilePointerEx
SetVolumeMountPointW
WriteProfileStringA
WinExec
FindVolumeClose
SetCurrentDirectoryA
GetCurrentThreadId
GetSystemWow64DirectoryW
FindNextFileW
GetStringTypeW
GetEnvironmentStrings
HeapSize
FindVolumeMountPointClose
CompareStringW
SetVolumeLabelW
MoveFileA
GetProcessHeap
LoadLibraryA
ExpandEnvironmentStringsA
CreateThread
InterlockedIncrement
CopyFileA
InitializeCriticalSection
CreateDirectoryA
EnterCriticalSection
GetModuleHandleA
DeleteFileA
VirtualQuery
VirtualProtect
GetTickCount
UnmapViewOfFile
LocalFree
CreateProcessA
GetProcAddress
MapViewOfFile
ReleaseMutex
WaitForSingleObject
HeapFree
GetLastError
InterlockedDecrement
lstrcpynW

ole32

GetHGlobalFromILockBytes
OleCreateLinkFromData
CoRevertToSelf
OleCreateLinkToFile
CoGetMalloc
CreateDataCache
FreePropVariantArray
CreateItemMoniker
CoReleaseMarshalData
CoCreateInstanceEx
OleDestroyMenuDescriptor
CoLockObjectExternal
OleUninitialize
CoQueryProxyBlanket
OleInitialize
SetConvertStg
OleCreateMenuDescriptor
ReadFmtUserTypeStg
CreateGenericComposite
CoTaskMemRealloc
CoWaitForMultipleHandles
CoGetInterfaceAndReleaseStream
OleRun
CoRegisterMessageFilter
CoGetObjectContext
CoCreateGuid
OleTranslateAccelerator
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoGetCallContext

user32

FindWindowA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
RegisterClassExA
LoadAcceleratorsA
EqualRect
InsertMenuA
GetClassInfoExA
GetDlgCtrlID
DeferWindowPos
GetWindowDC
CreateDialogIndirectParamW
MessageBoxA
GetNextDlgTabItem
VkKeyScanA
DefWindowProcW
EnumDisplaySettingsW
SetRect
GetMonitorInfoA
CharToOemW
ShowOwnedPopups
CharUpperBuffA
TrackPopupMenuEx
ToAscii
MessageBoxIndirectW
MapVirtualKeyW
GetIconInfo
PostMessageA
InvalidateRect
UpdateLayeredWindow
GetKeyNameTextA
GetDCEx
GetPropW
SetDlgItemTextA
LoadImageA
ShowCursor
MessageBoxIndirectA
GetMenuItemRect
BringWindowToTop
SetMenu
DispatchMessageW
GetClassNameW
SetCaretPos
DefFrameProcA
RegisterHotKey
IsChild
AdjustWindowRectEx
MessageBoxExA
SetForegroundWindow
DrawTextExW
GetSubMenu
AppendMenuA
WindowFromDC
CreateMenu
AdjustWindowRect
ValidateRect
SetFocus
EnumWindowStationsW
GetWindowLongW
CreateIconIndirect
DestroyMenu
SetCapture
TabbedTextOutW
GetSystemMenu
GetDlgItemInt
LookupIconIdFromDirectory
OpenDesktopW
GetClassLongW
wsprintfW
ClientToScreen
UpdateWindow
DefDlgProcW
LoadIconW
SetRectEmpty
ExitWindowsEx
MapWindowPoints
SetDlgItemTextW
AppendMenuW
PostMessageW
CreateIcon
GetCapture
GetWindowTextW
GetUserObjectInformationA
EnumDesktopsW
GrayStringA
InsertMenuItemW
UnhookWindowsHook
SetCursor
EnumDisplaySettingsA
GetShellWindow
SetWindowTextA
InSendMessage
WinHelpW
CharPrevA
TranslateAcceleratorA
OffsetRect
IsZoomed
SetMessageQueue
UnregisterClassW
GetClassInfoExW
CallWindowProcA
ReplyMessage
ReleaseCapture
WindowFromPoint
GetLastActivePopup
GetSystemMetrics
DrawTextExA
CharNextExA
ChangeDisplaySettingsA
SetPropA
ModifyMenuW
VkKeyScanW
SubtractRect
GetWindowThreadProcessId
PeekMessageA
SendMessageA

advapi32

RegQueryValueExA
RegSetValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegOpenKeyExA
LookupAccountNameA
ImpersonateSelf
QueryServiceConfig2W
DeregisterEventSource
ControlService
RegQueryValueExW
QueryServiceStatusEx
OpenThreadToken
RegisterEventSourceW
GetEffectiveRightsFromAclW
IsTextUnicode
CloseServiceHandle
RegRestoreKeyA
RegUnLoadKeyW
ReadEventLogW
RegConnectRegistryA
RegUnLoadKeyA
RegDeleteValueA
GetServiceKeyNameW
DuplicateTokenEx
SetTokenInformation
StartServiceCtrlDispatcherW
RegSetValueA
RegFlushKey
GetAclInformation
CreateProcessAsUserW
GetOldestEventLogRecord
RegisterServiceCtrlHandlerExA
OpenServiceW
RegDeleteKeyW
RegCreateKeyExA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b5d625a8a3727ead97cb31a541bd58c

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB