3d665c894fe685a3e74f7211d68d24a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d665c894fe685a3e74f7211d68d24a0_JaffaCakes118
Size

124KB
MD5

3d665c894fe685a3e74f7211d68d24a0
SHA1

5938093159abad4d09a2a810f8541dfb3e056037
SHA256

3f50a28bb5bb32a9881c4b8bcb4f0168d014fb477eabe6958e6b679427768f82
SHA512

fe3b3d69ab822242b0345c6a761d4e3c7fc9e0068d7f3ab41195c219de7c32be76b3a364158a0da865e84ce70300600edfff862d2b6fa6e71a4ae07283733c46
SSDEEP

3072:iEkDMZ+tOSdQHg24D224pmHcRqaA1vNHOsBoLWv4ypD:rkgZ82o448sJ1xtkW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d665c894fe685a3e74f7211d68d24a0_JaffaCakes118

Files

3d665c894fe685a3e74f7211d68d24a0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7be4283959682342647e19eb50834d9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemPowerStatus
FindClose
GetStartupInfoA
FindFirstFileA
CopyFileExW
BindIoCompletionCallback
LCMapStringA
FindNextFileW
SetHandleInformation
GlobalMemoryStatusEx
OpenSemaphoreA
ReplaceFileW
lstrcmpiW
GetLocaleInfoA
SetConsoleActiveScreenBuffer
IsBadHugeWritePtr
SetConsoleTextAttribute
ConvertDefaultLocale
HeapCreate
HeapUnlock
GetEnvironmentStringsW
GetFileType
OpenMutexA
GlobalReAlloc
SetCurrentDirectoryA
GetStringTypeExW
WaitForSingleObjectEx
FlushViewOfFile
RemoveDirectoryA
CancelWaitableTimer
FreeConsole
GetEnvironmentVariableA
DeleteCriticalSection
IsWow64Process
FreeEnvironmentStringsW
SearchPathA
DeleteFileW
DisconnectNamedPipe
GlobalAddAtomW
lstrcpynA
GetDateFormatA
GetConsoleScreenBufferInfo
GetTempPathW
GetExitCodeProcess
GlobalDeleteAtom
CreateProcessW
LocalFree
LocalReAlloc
HeapReAlloc
IsBadHugeReadPtr
lstrcpynW
TerminateProcess
GetTimeZoneInformation
IsBadStringPtrA
GetCurrentDirectoryW
PulseEvent
FindCloseChangeNotification
GetThreadPriority
GetCurrentDirectoryA
GetDiskFreeSpaceA
GlobalFree
CallNamedPipeA
GetLocaleInfoW
lstrcatA
GetLogicalDriveStringsA
GetProfileStringA
GetDateFormatW
GetModuleFileNameW
VerLanguageNameW
ChangeTimerQueueTimer
GetDriveTypeA
GetTempFileNameW
LocalLock
GetSystemTime
IsBadCodePtr
WriteConsoleW
GetCurrentProcess
AreFileApisANSI
DeviceIoControl
lstrlenW
CreateWaitableTimerA
FindAtomW
MapViewOfFileEx
GetHandleInformation
WaitForMultipleObjects
FormatMessageW
CreateTimerQueueTimer
CreateSemaphoreA
GetVolumeInformationA
UnregisterWait
IsValidLanguageGroup
GetNumberFormatA
CreateWaitableTimerW
SetLastError
DuplicateHandle
SetInformationJobObject
FindFirstChangeNotificationA
InterlockedExchangeAdd
RegisterWaitForSingleObject
CancelIo
SetConsoleTitleA
GetLongPathNameW
TerminateThread
GetLocalTime
CreateIoCompletionPort
SwitchToThread
HeapCompact
RemoveDirectoryW
CreateJobObjectW
GetWindowsDirectoryA
UpdateResourceA
lstrcpyW
GetSystemTimeAdjustment
WaitNamedPipeA
LockFileEx
GetEnvironmentVariableW
GetProcessAffinityMask
GetComputerNameW
GetFileSizeEx
LocalUnlock
InterlockedDecrement
CloseHandle
InterlockedIncrement
GetModuleHandleA
ReleaseMutex
MoveFileA
HeapFree
ExpandEnvironmentStringsA
HeapAlloc
MapViewOfFile
CreateProcessA
LeaveCriticalSection
CreateFileMappingA
CreateDirectoryA
WriteFile
VirtualProtect
DeleteFileA
EnterCriticalSection
GetTickCount
GetProcessHeap
CreateFileA
LoadLibraryA
GetComputerNameA
UnmapViewOfFile
ReadFile
GlobalAlloc
CreateMutexA
InterlockedExchange
GetProcAddress
QueueUserAPC

ole32

RevokeDragDrop
OleCreateLinkFromData
CoCreateGuid
CoRevertToSelf
OleQueryLinkFromData
CoGetObjectContext
OleLoad
CreateGenericComposite
StgOpenStorageOnILockBytes
CoGetMalloc
OleDestroyMenuDescriptor
StgCreateDocfileOnILockBytes
CoEnableCallCancellation
OleQueryCreateFromData
OleCreateLink
CreatePointerMoniker
CoGetInterfaceAndReleaseStream
CoUnmarshalInterface
CoTaskMemAlloc
OleSetContainedObject
CoTaskMemFree
OleCreate
CoCreateInstance
CoMarshalInterThreadInterfaceInStream

shlwapi

PathSkipRootW
PathFindExtensionA
StrCpyNW
PathCanonicalizeW
UrlCanonicalizeW
UrlCombineW
StrCatBuffA
PathAppendA
PathRemoveFileSpecW
StrChrIW
PathCommonPrefixW
SHRegGetBoolUSValueW
PathAppendW
PathFindExtensionW
SHStrDupW
PathRenameExtensionW
UrlEscapeW
StrStrIA
PathIsNetworkPathW
UrlGetPartW
AssocQueryStringW
PathCombineW
PathIsDirectoryA
PathAddBackslashA
PathMatchSpecW
StrStrIW
PathCreateFromUrlW
SHGetValueA
PathFileExistsA
StrFormatKBSizeW
SHDeleteValueW
StrCatBuffW
PathGetCharTypeW
UrlUnescapeW

advapi32

RegEnumKeyA
RegCloseKey
SetNamedSecurityInfoA
RegQueryInfoKeyA
RegCreateKeyExA
RegOpenKeyExA
LookupAccountNameA
ConvertSidToStringSidA
RegEnumKeyW
GetUserNameA
CreateProcessAsUserW
RegRestoreKeyA
ImpersonateSelf
GetTokenInformation
RegLoadKeyA
RegQueryValueExW
RegCreateKeyExW
SetEntriesInAclA
ImpersonateLoggedOnUser
QueryServiceLockStatusA
EnumServicesStatusExW
MapGenericMask
RegNotifyChangeKeyValue
GetEffectiveRightsFromAclW
QueryServiceLockStatusW
RegRestoreKeyW
ClearEventLogW
RegEnumKeyExA
RegisterServiceCtrlHandlerExW
RegSaveKeyExW
UnlockServiceDatabase
RegUnLoadKeyW
GetUserNameW
RegisterServiceCtrlHandlerExA
OpenEventLogA
CreateProcessAsUserA
StartServiceCtrlDispatcherW
RegOpenCurrentUser
RegCreateKeyA
RegOpenKeyW
GetInheritanceSourceW
CreateServiceW
EnumServicesStatusW
RegConnectRegistryW
SetThreadToken

gdi32

GetNearestColor
LineTo
DeleteMetaFile
GetFontResourceInfoW
OffsetViewportOrgEx
CreateMetaFileW
PlayEnhMetaFile
SetTextAlign
GetTextFaceA
GetViewportExtEx
SetICMMode
EnumFontFamiliesExW
GetTextCharsetInfo
SetColorAdjustment
SetDIBColorTable
SetBrushOrgEx
Arc
Chord
ExtEscape
ResetDCA
CreateFontW
SetViewportOrgEx
GetTextExtentPoint32A
AbortDoc
ExtTextOutW
FlattenPath
GetCharABCWidthsW
Polyline
CreateHatchBrush
PtVisible
PlayMetaFileRecord
PolyPolyline
GetRegionData
CreateScalableFontResourceA
EndPage
GetTextExtentExPointW
StrokePath
GetPixelFormat
GetSystemPaletteUse
GetCharABCWidthsA
CloseMetaFile
LPtoDP
GetCurrentPositionEx
CreateBitmap
EnumMetaFile
SetMagicColors
GetPaletteEntries
CreateDCW
CreateRoundRectRgn
MoveToEx
DPtoLP
GetLayout
GetTextExtentPoint32W
ResizePalette
SetROP2
GetPath
SetMiterLimit
CreateICA
SetStretchBltMode
SetGraphicsMode
ScaleWindowExtEx
CopyMetaFileW
CreateMetaFileA
BitBlt
SetMetaFileBitsEx
SelectObject
EnumEnhMetaFile
GetBitmapBits
GetTextAlign
CreateEllipticRgnIndirect

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7be4283959682342647e19eb50834d9d

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB