2a5c75af7a1a8b39500d224688f3e7c1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a5c75af7a1a8b39500d224688f3e7c1_JaffaCakes118
Size

136KB
MD5

2a5c75af7a1a8b39500d224688f3e7c1
SHA1

ec8f6cde89201d70ac6a4701b7483ad2a83b3493
SHA256

11c4483ffe780a6bc5dea4be63d3283aba92ae2c6861d8aa14d9f7cae2f10c41
SHA512

ae6f5cd8623842a5b70393e30cfed8ac4332d9f16aa3b83db6b1986d98c5149ab2110a5cbc48005d73007fd4f9b45fc19ae87bad0328424397f42371d7b9e0ee
SSDEEP

1536:5H7yZrjX+ifc/MF7HgqohSh/wEVTwCt2SYS+W6+2DyYCBQ6BVl8rU+scBcY:5bgr7I/igqX/htoqjO6BVl8zscBc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a5c75af7a1a8b39500d224688f3e7c1_JaffaCakes118

Files

2a5c75af7a1a8b39500d224688f3e7c1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

99b700f354e960e72103078f40435483

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharNextA
CharLowerA
IsWindow
SendMessageA
wsprintfA

urlmon

URLDownloadToCacheFileA

advapi32

RegDeleteKeyA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

shlwapi

SHGetValueA

shell32

SHGetSpecialFolderPathA

kernel32

IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
CloseHandle
CreateMutexA
GetModuleHandleA
SetEvent
OpenEventA
ReleaseMutex
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
GetVersion
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
GetVersionExA
lstrlenA
GetModuleFileNameA
SizeofResource
GetSystemDirectoryA
GetWindowsDirectoryA
LoadResource
FindResourceA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
UnmapViewOfFile
CreateThread
HeapAlloc
GetProcessHeap
MapViewOfFile
OpenFileMappingA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetFileSize
GetFileTime
CreateFileA
lstrcpyA
lstrcatA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapFree
GetLastError
CopyFileA
GetCommandLineA
IsProcessorFeaturePresent
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
GetLocaleInfoA
GetTimeZoneInformation
ReadFile
VirtualQuery
OpenMutexA
CreateProcessA
CreateProcessW
GetLongPathNameW
FindClose
FindFirstFileA
WriteFile
SetFilePointer
DeleteFileA
SetFileAttributesA
SetEnvironmentVariableA
GetVolumeInformationA
Sleep
TerminateProcess
FormatMessageA
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
GetCurrentProcess
ExitProcess
RaiseException
GetLocalTime
GetSystemTime
HeapReAlloc
RtlUnwind
InterlockedExchange

ole32

CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc

oleaut32

VariantChangeType
SysFreeString
VariantClear
VariantInit
LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysAllocString
VarUI4FromStr
RegisterTypeLi
LoadTypeLi

iphlpapi

GetAdaptersInfo

wininet

InternetCloseHandle
InternetOpenA
DeleteUrlCacheEntry
InternetGetConnectedState
InternetReadFile
InternetOpenUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99b700f354e960e72103078f40435483

Headers

File Characteristics

Imports

user32

urlmon

advapi32

shlwapi

shell32

kernel32

ole32

oleaut32

iphlpapi

wininet

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 89KB

.rsrc Size: 4KB - Virtual size: 688B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 89KB

.rsrc
Size: 4KB - Virtual size: 688B

.reloc
Size: 12KB - Virtual size: 8KB