37487606f09e37ae5c68daa605be1e93_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

37487606f09e37ae5c68daa605be1e93_JaffaCakes118
Size

375KB
MD5

37487606f09e37ae5c68daa605be1e93
SHA1

75ecfaf8b2f24ed0e79f12cfdc4b33bd723bbb86
SHA256

ef6f473c55d571021ee261f0382048b6579a260053becd2ae121b6fc466f9653
SHA512

bfd26a27cd72185de811c681640f20b18a9707b4e2b2f5168748ac9de7c4243ce5f70f02cfb82f6d973b8023ae38f485099aca12bbcf15c4bbe64a034a7b03da
SSDEEP

6144:E3bxlEsosz+2S5lgxVVfPoR52EUPwxgJ2u+/it7mcDSlYbjlSweXx5YWVRvc:E3Ssz+7bgL1QiSu+qJAYbjlRqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37487606f09e37ae5c68daa605be1e93_JaffaCakes118

Files

37487606f09e37ae5c68daa605be1e93_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0f97cc7b23d704dc5d821d1a0ba028a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlc

libvlc_audio_get_channel
libvlc_audio_get_mute
libvlc_audio_get_track
libvlc_audio_get_track_count
libvlc_audio_get_track_description
libvlc_audio_get_volume
libvlc_audio_set_channel
libvlc_audio_set_mute
libvlc_audio_set_track
libvlc_audio_set_volume
libvlc_audio_toggle_mute
libvlc_event_attach
libvlc_event_detach
libvlc_get_fullscreen
libvlc_get_version
libvlc_media_add_option_flag
libvlc_media_list_add_media
libvlc_media_list_count
libvlc_media_list_item_at_index
libvlc_media_list_lock
libvlc_media_list_new
libvlc_media_list_release
libvlc_media_list_remove_index
libvlc_media_list_unlock
libvlc_media_new_location
libvlc_media_player_event_manager
libvlc_media_player_get_fps
libvlc_media_player_get_length
libvlc_media_player_get_position
libvlc_media_player_get_rate
libvlc_media_player_get_state
libvlc_media_player_get_time
libvlc_media_player_has_vout
libvlc_media_player_is_playing
libvlc_media_player_new_from_media
libvlc_media_player_pause
libvlc_media_player_play
libvlc_media_player_release
libvlc_media_player_set_hwnd
libvlc_media_player_set_position
libvlc_media_player_set_rate
libvlc_media_player_set_time
libvlc_media_player_stop
libvlc_media_release
libvlc_new
libvlc_release
libvlc_set_fullscreen
libvlc_toggle_fullscreen
libvlc_toggle_teletext
libvlc_video_get_aspect_ratio
libvlc_video_get_crop_geometry
libvlc_video_get_height
libvlc_video_get_logo_int
libvlc_video_get_marquee_int
libvlc_video_get_marquee_string
libvlc_video_get_spu
libvlc_video_get_spu_count
libvlc_video_get_spu_description
libvlc_video_get_teletext
libvlc_video_get_width
libvlc_video_set_aspect_ratio
libvlc_video_set_crop_geometry
libvlc_video_set_deinterlace
libvlc_video_set_logo_int
libvlc_video_set_logo_string
libvlc_video_set_marquee_int
libvlc_video_set_marquee_string
libvlc_video_set_spu
libvlc_video_set_teletext
libvlc_video_take_snapshot

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

gdi32

BitBlt
CloseEnhMetaFile
CloseMetaFile
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateEnhMetaFileW
CreateMetaFileW
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
LineTo
MoveToEx
OffsetViewportOrgEx
RestoreDC
SaveDC
SelectObject
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx

kernel32

CloseHandle
CreateEventW
CreateFileW
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileInformationByHandle
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetTempPathW
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
ReleaseSemaphore
ResetEvent
SetEvent
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte

msvcrt

_write
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
_iob
_stricmp
_wcsicmp
abort
fflush
fputc
fputs
free
fwrite
getenv
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
realloc
sprintf
strcmp
strcpy
strerror
strlen
swprintf
swscanf
vfprintf
wcschr
wcscpy
wcslen

ole32

CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateBindCtx
CreateDataAdviseHolder
CreateOleAdviseHolder
OleFlushClipboard
OleIsCurrentClipboard
OleRegEnumVerbs
OleRegGetUserType
StringFromGUID2

oleaut32

CreateErrorInfo
DispGetIDsOfNames
DispInvoke
LoadRegTypeLib
LoadTypeLibEx
OleCreatePictureIndirect
OleTranslateColor
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetVartype
SetErrorInfo
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
UnRegisterTypeLib
VariantChangeType
VariantClear
VariantCopy
VariantInit

shlwapi

SHDeleteKeyW
UrlIsW

user32

BeginPaint
ClientToScreen
CreateWindowExW
DefWindowProcW
DestroyIcon
DestroyWindow
EndPaint
FillRect
GetActiveWindow
GetCapture
GetClassInfoW
GetClientRect
GetCursorPos
GetDC
GetKeyState
GetMessagePos
GetParent
GetSystemMetrics
GetUpdateRect
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextW
InvalidateRect
IsDlgButtonChecked
IsWindowVisible
KillTimer
LoadCursorW
LoadImageW
MoveWindow
OffsetRect
PtInRect
RegisterClassW
SendMessageW
SetActiveWindow
SetCursor
SetParent
SetRect
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
ShowWindow
UnregisterClassW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gnu_deb
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f97cc7b23d704dc5d821d1a0ba028a5

Headers

DLL Characteristics

File Characteristics

Imports

libvlc

advapi32

gdi32

kernel32

msvcrt

ole32

oleaut32

shlwapi

user32

Exports

Exports

Sections

.text Size: 173KB - Virtual size: 173KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 24KB - Virtual size: 24KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 180B

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 79KB - Virtual size: 78KB

.reloc Size: 9KB - Virtual size: 8KB

.gnu_deb Size: 60KB - Virtual size: 60KB

.text
Size: 173KB - Virtual size: 173KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 24KB - Virtual size: 24KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 180B

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 79KB - Virtual size: 78KB

.reloc
Size: 9KB - Virtual size: 8KB

.gnu_deb
Size: 60KB - Virtual size: 60KB