3a315a58183e0d9d661e8157e972f6e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a315a58183e0d9d661e8157e972f6e7_JaffaCakes118
Size

25KB
MD5

3a315a58183e0d9d661e8157e972f6e7
SHA1

ea75543da527efcf2c436d72a573e038cd74933c
SHA256

6ac05340ee4d4b0202c525f421ee66266ae6caa18cf069b63d4141159d1b37e6
SHA512

ed69495d8cccda36610d807458a241257c9690b6dffe27bc21531c8185d1589dc6216fba1a032cdbaf29b32ef80ea444d458483733b1a5e9e91b0ec8924c479d
SSDEEP

768:TD/rVzUkN8NMTkhAtw29q9zA0Jn4CQ87aqCy:KkN8NMT7tw2gbQ877

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a315a58183e0d9d661e8157e972f6e7_JaffaCakes118

Files

3a315a58183e0d9d661e8157e972f6e7_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

acc9389fc3184b099e261eb98f9a3d0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileW
CreateDirectoryW
RemoveDirectoryW
GetFullPathNameW
GetFileAttributesW
SetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetModuleFileNameW
GetDriveTypeW
GlobalUnlock
GlobalLock
CreateProcessA
GetStdHandle
DuplicateHandle
CreatePipe
GetFullPathNameA
GetThreadLocale
lstrlenA
lstrcmpiA
GetCommandLineA
GetVolumeInformationA
CreateFileW
GetDiskFreeSpaceA
SetCurrentDirectoryA
GetCurrentDirectoryA
RemoveDirectoryA
DeleteFileA
CreateDirectoryA
MoveFileA
FindNextFileA
FindFirstFileA
SetFileAttributesA
GetFileAttributesA
FormatMessageA
lstrlenW
lstrcmpiW
LoadLibraryW
GetCommandLineW
GetVolumeInformationW
GetDiskFreeSpaceW
MoveFileW
FormatMessageW
FindNextFileW
FindFirstFileW
GlobalAlloc
GlobalFree
WideCharToMultiByte
SetThreadLocale
GetModuleHandleA
GetProcAddress
GetCurrentProcess
MultiByteToWideChar
GetModuleFileNameA
CreateFileA
WriteFile
CloseHandle
IsDBCSLeadByte
LoadLibraryA
GetSystemDefaultLCID
GetDriveTypeA
GetVersion

user32

SetDlgItemTextW
PostMessageW
SendMessageW
SendDlgItemMessageW
GetDlgItemTextW
CreateDialogParamW
DialogBoxParamW
GetWindowLongW
SetWindowLongW
GetWindowTextLengthW
SetWindowTextW
GetWindowTextW
wsprintfW
wsprintfA
LoadStringA
MessageBoxW
RegisterClassW
MessageBoxA
CreateWindowExW
FindWindowW
InsertMenuW
ModifyMenuW
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
CallWindowProcW
CharUpperW
CharLowerW
GetWindowTextA
SetWindowTextA
GetWindowTextLengthA
GetDlgItemTextA
SetDlgItemTextA
PostMessageA
SendMessageA
SendDlgItemMessageA
CreateDialogParamA
DialogBoxParamA
GetWindowLongA
SetWindowLongA
CallWindowProcA
RegisterClassA
FindWindowA
CreateWindowExA
ModifyMenuA
CharUpperA
CharLowerA
EmptyClipboard
CreatePopupMenu
InsertMenuA
OpenClipboard
RegisterClipboardFormatA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegQueryValueExA
RegQueryValueA

shell32

ShellExecuteA
ShellExecuteExA
SHGetPathFromIDList
SHBrowseForFolder
ShellExecuteExW
ShellExecuteW
DragQueryFileW
DragQueryFileA

ole32

CoCreateInstance
ReleaseStgMedium
CoGetMalloc
StringFromIID
CoUninitialize
CoInitialize

winmm

PlaySoundA
PlaySoundW

msvcrt40

memset
memcmp
memcpy
strrchr
strcpy
sprintf
wcslen
strlen
free
??2@YAPAXI@Z
_strnicmp
??3@YAXPAX@Z
_purecall
malloc
realloc
strcmp
strtoul
strtol
strchr
_mbschr
swprintf
wcstoul
wcstol
wcsrchr
wcschr
wcscpy
_wcsnicmp
wcscmp
_initterm
_adjust_fdiv
_strdup
_wcsdup
strncpy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetMenuFlags
IsRegistServer
SetMenuFlags
UpdateDll

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acc9389fc3184b099e261eb98f9a3d0a

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

winmm

msvcrt40

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 10KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 10KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB