3999dc6a521df009f63881ee3babfc30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3999dc6a521df009f63881ee3babfc30_JaffaCakes118
Size

100KB
MD5

3999dc6a521df009f63881ee3babfc30
SHA1

142a225159fdebb340bd3c790cdd5a5e14e76198
SHA256

19d163fe00a0dad4d06e86133056cdeb4be9d8a415d03831476f64af94769264
SHA512

cb3ede28e342b40fcd631310265911410102a769ded006575eccecfa23183a70d2c14cc714d9554f4850b809aea46fff1b4867d048a06f6f47ed75c43d409403
SSDEEP

1536:b6tviQyZHtm2Hw8AOW3AC4375C/pnbfxTWXWaofgKGSNQidE680Q8B:wfKtNHnWwC84pnVTWXWb4WdE6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3999dc6a521df009f63881ee3babfc30_JaffaCakes118

Files

3999dc6a521df009f63881ee3babfc30_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

eff7be98c129ba775fafb3802e8ff63f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindAtomW
RemoveDirectoryA
GetFileAttributesExW
ChangeTimerQueueTimer
GetDefaultCommConfigW
GetVolumePathNamesForVolumeNameW
WaitForMultipleObjectsEx
SetErrorMode
DeleteFileW
GlobalFindAtomA
GetFileAttributesA
GetModuleFileNameW
GetVersion
ClearCommError
GetCurrentThread
SetFileApisToOEM
IsValidCodePage
ReleaseSemaphore
GetFileAttributesExA
GetModuleHandleW
GetDiskFreeSpaceExW
WriteConsoleA
GetConsoleScreenBufferInfo
SetEndOfFile
SetDefaultCommConfigW
SetCurrentDirectoryA
LoadLibraryA
CreateRemoteThread
GetCommandLineA
ReplaceFileW
ReadDirectoryChangesW
CreateSemaphoreA
GlobalAddAtomW
SetProcessShutdownParameters
DeviceIoControl
OpenSemaphoreA
ReadConsoleW
SetConsoleMode
VirtualFree
ExitProcess
MultiByteToWideChar
FileTimeToSystemTime
GetTempPathA
SetSystemTime
ReadConsoleA
FreeConsole
GetThreadPriority
LocalReAlloc
FindVolumeMountPointClose
GetThreadLocale
FileTimeToDosDateTime
GetStringTypeW
FindNextVolumeW
SetHandleCount
RtlMoveMemory
CreateFileW
GlobalGetAtomNameA
SetEnvironmentVariableW
GetVolumePathNameW
GetUserDefaultUILanguage
GetFullPathNameW
GetSystemTimeAdjustment
TransactNamedPipe
GetUserDefaultLCID
HeapLock
LocalAlloc
ExitThread
VirtualAlloc
Beep
IsBadReadPtr
SetFilePointerEx
CreateNamedPipeW
FileTimeToLocalFileTime
HeapSize
GetTempPathW
lstrcatA
TerminateJobObject
HeapUnlock
GetVolumeNameForVolumeMountPointW
ProcessIdToSessionId
GlobalFree
lstrcpynW
EscapeCommFunction
LockFileEx
CreateConsoleScreenBuffer
HeapWalk
GetLongPathNameW
GetAtomNameA
AddAtomA
GetFullPathNameA
FindFirstFileA
CancelIo
FreeResource
GetEnvironmentStringsW
SuspendThread
FindFirstChangeNotificationA
GetAtomNameW
LocalUnlock
ReleaseMutex
GetSystemTimeAsFileTime
HeapAlloc
CreateProcessA
CreateDirectoryA
MapViewOfFile
VirtualQuery
GetModuleFileNameA
WaitForSingleObject
GetCurrentProcessId
InterlockedExchange
InterlockedIncrement
InitializeCriticalSection
GetProcessHeap
CloseHandle
MoveFileA
GetProcAddress
VirtualProtect
GetLastError
GetModuleHandleA
Sleep
GetComputerNameA
CreateThread
InterlockedDecrement
HeapFree
WriteFile
GetTickCount
UnmapViewOfFile
FindResourceExA

ole32

CoInitializeEx
CreateItemMoniker
OleUninitialize
CoSetProxyBlanket
CoRegisterMessageFilter
CoLockObjectExternal
CreateBindCtx
OleDestroyMenuDescriptor
OleGetAutoConvert
OleRun
CoMarshalInterThreadInterfaceInStream
CoUnmarshalInterface
OleLoad
CreateDataAdviseHolder
OleDuplicateData
CreateDataCache
CoGetClassObject
CoWaitForMultipleHandles
StgCreateDocfile
OleCreateFromFile
CoGetMalloc
OleTranslateAccelerator
CoTaskMemFree
CoUninitialize
CoCreateInstance
OleSetContainedObject
OleCreate

advapi32

QueryServiceConfigW
ConvertSidToStringSidA
RegCreateKeyExA
SetNamedSecurityInfoA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
MapGenericMask
OpenServiceA
RegEnumValueW
ClearEventLogW
RegDeleteValueW
RegCreateKeyW
RegisterServiceCtrlHandlerA
RegUnLoadKeyW
EnumServicesStatusW
RegUnLoadKeyA
RegEnumValueA
ImpersonateLoggedOnUser
NotifyBootConfigStatus
RegEnumKeyA
RegQueryValueA
RegSaveKeyA
EnumServicesStatusA
DuplicateToken
RegDeleteKeyW
RegOpenKeyA
CloseEventLog
GetServiceDisplayNameW
CreateServiceA
RegSetValueW
CreateServiceW
GetAclInformation
SetEntriesInAclA
OpenEventLogW
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorA
OpenProcessToken
QueryServiceLockStatusA
RegSaveKeyW
NotifyChangeEventLog
QueryServiceLockStatusW
MakeAbsoluteSD
RegLoadKeyW

gdi32

GetViewportExtEx
CreatePolygonRgn
EnumFontFamiliesExW
GetStretchBltMode
SetMetaRgn
GetTextFaceA
PlayEnhMetaFileRecord
GetTextExtentExPointA
ScaleViewportExtEx
GetCharWidthA
SetMapperFlags
SetTextJustification
DeleteEnhMetaFile
EnumFontFamiliesExA
GetTextColor
EndDoc
GetClipRgn
GetCurrentPositionEx
EnumFontFamiliesW
EnumFontsA
Ellipse
ExtTextOutA
CreateEnhMetaFileA
GetGlyphOutlineW
CreateScalableFontResourceA
CreateMetaFileW
CreateFontIndirectA
GetTextCharsetInfo
CreateBitmap
GetPaletteEntries
CreateDiscardableBitmap
GetCharABCWidthsA
ResizePalette
DeleteDC
SetDIBColorTable
GetCharacterPlacementA
CreateICW
PaintRgn
GetTextExtentPoint32W
GetFontResourceInfoW
CreateDIBSection
SetPixel
SelectObject
EndPage
UnrealizeObject
GetMapMode
PolyBezierTo
InvertRgn
PolylineTo
SetTextAlign
GetEnhMetaFileA
GetObjectW
CreateDIBPatternBrushPt
GetMetaFileA
ModifyWorldTransform
SetBkColor

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eff7be98c129ba775fafb3802e8ff63f

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB