14eaf46ba49152baab1a3b9a92e5332c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

14eaf46ba49152baab1a3b9a92e5332c_JaffaCakes118
Size

88KB
MD5

14eaf46ba49152baab1a3b9a92e5332c
SHA1

79b71040eb04f06a9374426526472c83cd84deb7
SHA256

a294212c6b604a899ce703d471df96aa4fbeec902c54e04c4292125b15d890e1
SHA512

d843d71d3bfc867fca44dde3a0dc4854f175b8bff396eaee09c0d1b20c3392e8111d25fd74f187ea5501c92f1f1977bcf1ae8319cd2ea1b55becccc9621c9cb1
SSDEEP

1536:WA+8BwyIGY1az60HhlqC1M1ZJ6z5yLgBIJquxuh7:C84GfbHhlqd6z5ogBn7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14eaf46ba49152baab1a3b9a92e5332c_JaffaCakes118

Files

14eaf46ba49152baab1a3b9a92e5332c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

55c75aa0427da8b20035650c503918c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
CreateEventA
SetEvent
ResetEvent
GetComputerNameA
QueryPerformanceCounter
Sleep
ReleaseSemaphore
IsBadReadPtr
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateSemaphoreA
WaitForSingleObject
lstrcpynA
lstrlenA
MultiByteToWideChar
AreFileApisANSI
GetFullPathNameA
GetFileAttributesA
FormatMessageA
IsBadWritePtr
ReleaseMutex
SetLastError
CloseHandle
GetModuleFileNameA
ExitProcess
CreateMutexA
GetLastError
GetProcAddress
GetModuleHandleA
InterlockedDecrement
GetTickCount
InterlockedIncrement

user32

GetWindowLongA
DialogBoxParamA
TranslateMessage
IsDialogMessageA
PeekMessageA
GetDlgItemTextA
SetCursor
GetDlgItemInt
EndDialog
SetTimer
SetDlgItemTextA
SetWindowLongA
SendMessageA
LoadIconA
KillTimer
EnableWindow
GetDlgItem
DispatchMessageA
GetDesktopWindow
MessageBoxA
CreateDialogParamA
DestroyWindow
MessageBeep
IsWindow
GetWindowRect
SetWindowPos
GetParent
LoadStringA
SendDlgItemMessageA
LoadCursorA

advapi32

RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder

ole32

StringFromCLSID
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree

rpcrt4

IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
NdrDllUnregisterProxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy

winmm

timeGetTime

msvcrt

swprintf
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_onexit
__dllonexit
fopen
_filelength
fclose
fread
_mbschr
_fileno
wcslen
_mbslwr
_strdup
sscanf
??3@YAXPAX@Z
mbstowcs
sprintf
wcscpy
__CxxFrameHandler
_mbstok
_beginthread
realloc
_mbsrchr
free
wcstombs
malloc
time
_except_handler3
??2@YAPAXI@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
digiplib_0

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55c75aa0427da8b20035650c503918c5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

rpcrt4

winmm

msvcrt

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 40KB

.orpc Size: 4KB - Virtual size: 160B

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 40KB

.orpc
Size: 4KB - Virtual size: 160B

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 3KB