17ca47d14758e0802965c3c4d034e50f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

17ca47d14758e0802965c3c4d034e50f_JaffaCakes118
Size

108KB
MD5

17ca47d14758e0802965c3c4d034e50f
SHA1

a4359aca76025694ba79e12ae5de6d6302ab05f1
SHA256

a50399084cd422c0e514d44c163a8e2e9538c2aee821ddc14910146729bcccc0
SHA512

2bdde6a644eda46ddd3fb6a1e4176e4690baba8ff290ee69c347801abd7c2d8a3bf1f9e6cac36b293c5ef3d3c63a5a904989a968096b6a9a0abbced1f1cc870a
SSDEEP

1536:589LecIt8dep4iw3R3fFcXOqiTRWnjUkyBUM9x8UJWloLahLajF:i9KcIt8depJw3hFc+qN8CUJWlbwjF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17ca47d14758e0802965c3c4d034e50f_JaffaCakes118

Files

17ca47d14758e0802965c3c4d034e50f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0f12017c25f33c08f33eb5c0f1691938

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
lstrcatA
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
HeapFree
FindResourceA
HeapAlloc
GetProcessHeap
LocalFree
LocalAlloc
FormatMessageA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetFileSize
ReadFile
SetEnvironmentVariableA
CompareStringW
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
GetVersionExA
lstrlenW
CompareStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
RaiseException
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetCurrentProcess
TerminateProcess
TlsGetValue
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError

user32

wsprintfA
CharNextA

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VariantClear
VarUI4FromStr
SysFreeString
RegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
SafeArrayGetElement
SafeArrayLock
SafeArrayUnlock
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetOpenUrlA
HttpQueryInfoA
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetSetOptionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f12017c25f33c08f33eb5c0f1691938

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

version

wininet

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 24KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 24KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 5KB