3ba166fa8b41569217d9aac45c6e573a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ba166fa8b41569217d9aac45c6e573a_JaffaCakes118
Size

162KB
MD5

3ba166fa8b41569217d9aac45c6e573a
SHA1

03895b3d68f57e143760e8713b59a4138c4ef5e1
SHA256

c7aeff9c47684c8043ee1c76c496ddfaca6042990ba7fe2ce9cebf222f877c63
SHA512

569a8b1a7bb603968125491f5a3c080c12c80f41b544ab4fa19003ae68bc52fd4125ac179133eb14d7b27bbce2f4352031655abfdbe71ec890a66be10cd1e6bf
SSDEEP

3072:7c/m5eDc+kJWB53etOn3cQIPxFP803WMu+Pzj3I04Ff3lpUEWUJflqg:7c/m5fWDrn3cQyE4xP/FvEXlqg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba166fa8b41569217d9aac45c6e573a_JaffaCakes118

Files

3ba166fa8b41569217d9aac45c6e573a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

8ccb9649d3a0bbd9ae3c83d32dd856a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseMutex
WaitForSingleObject
GetTickCount
DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
GetVersionExW
HeapCreate
GetShortPathNameW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
LoadLibraryW
lstrcpyW
lstrcatW
GetVersion
GetVolumeInformationW
GetTempFileNameW
GetTempPathW
lstrcpynA
WideCharToMultiByte
ResumeThread
VirtualQuery
InterlockedCompareExchange
GetCurrentThreadId
VirtualProtect
FlushInstructionCache
GetCurrentProcess
GetLastError
SetThreadContext
SuspendThread
VirtualAlloc
SetLastError
LoadLibraryA
CreateMutexW
RaiseException
InterlockedExchange
LocalAlloc
GetThreadLocale
GetStringTypeExW
InterlockedDecrement
OutputDebugStringW
DebugBreak
lstrlenA
InterlockedIncrement
lstrcmpW
WritePrivateProfileStringW
CreateProcessW
OpenMutexW
CloseHandle
GetModuleFileNameW
GetModuleHandleW
CreateDirectoryW
GetPrivateProfileStringW
GetDriveTypeW
GetWindowsDirectoryW
lstrlenW
GetFileAttributesW
GetCurrentThread
GetCurrentProcessId
GetEnvironmentVariableW
GetProcessHeap
TlsAlloc
SetEnvironmentVariableW
TlsFree
HeapFree
RemoveDirectoryW
DeleteFileW
MoveFileW
GetThreadContext
MoveFileExW

user32

SetMenuItemBitmaps
InsertMenuW
wsprintfW
LoadImageW
DrawTextW
InsertMenuItemW
GetSystemMetrics
LoadStringW
wvsprintfW
CharNextW
GetDC
ReleaseDC
CharLowerW
SystemParametersInfoW
GetSysColor

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW

shell32

SHFileOperationW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
DragQueryFileW

ole32

CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
CoUninitialize
CoInitialize
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc

oleaut32

SysAllocString
SysStringLen
RegisterTypeLi
LoadTypeLi
SysFreeString
VarUI4FromStr
LoadRegTypeLi

shlwapi

PathIsNetworkPathW
PathSkipRootW
PathFileExistsW
SHDeleteKeyW

msvcrt

memcpy
memcmp
memset
__CxxFrameHandler
free
malloc
realloc
_purecall
wcsrchr
_except_handler3
__dllonexit
_onexit
_initterm
_adjust_fdiv
??2@YAPAXI@Z
wcsncat
_wcsicmp
_wcsnicmp
wcslen
?terminate@@YAXXZ
_CxxThrowException
_snwprintf
swprintf
swscanf
??1type_info@@UAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ccb9649d3a0bbd9ae3c83d32dd856a1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 12KB - Virtual size: 9KB