40c96f00c34d5edf9f8d54773072bc57_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

40c96f00c34d5edf9f8d54773072bc57_JaffaCakes118
Size

488KB
MD5

40c96f00c34d5edf9f8d54773072bc57
SHA1

46f7ac6fa79c2d47fab8500676abdc29acd7c869
SHA256

fa48ba6857dde0bb1f39d5aadfb27adef98308e47da5e65d85e48633094ca051
SHA512

6bf17735315fef79e4e9ba4dcd987b9dab687b798a1f1d4781904687db46a1d0445d25a6698172544c38d21a02ca6261639d092b6f6c25b265fb16400a06527b
SSDEEP

12288:5LVg0QLIit48Cg+7RgG3o/EQE/IoZCoWZ:5LVFf44xg+72G4/EQE/IotW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40c96f00c34d5edf9f8d54773072bc57_JaffaCakes118

Files

40c96f00c34d5edf9f8d54773072bc57_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

b9e7f46689afb4013539f0d2d2be8b10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
FormatMessageA
GetACP
lstrcmpA
GetCurrentProcess
GetVolumeInformationA
GetCurrentThreadId
FlushInstructionCache
ReadFile
SetFilePointer
CreateFileA
FreeResource
CloseHandle
GetFileSize
GetTimeZoneInformation
GetLocalTime
DeleteFileA
GlobalHandle
GlobalAlloc
VirtualAlloc
OutputDebugStringA
GetComputerNameA
DebugBreak
HeapReAlloc
HeapFree
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
lstrlenW
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
MultiByteToWideChar
MulDiv
LockResource
InterlockedIncrement
GlobalLock
GlobalUnlock
lstrcpyA
InterlockedDecrement
lstrcatA
DeleteCriticalSection
LoadLibraryA
GetProcAddress
LeaveCriticalSection
HeapDestroy
EnterCriticalSection
lstrcpynA
InitializeCriticalSection
IsDBCSLeadByte
GetLastError
lstrcmpiA
LoadLibraryExA
WriteFile
FindResourceA
VirtualFree
GetSystemTime
GetWindowsDirectoryA
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStdHandle
TlsGetValue
GetStringTypeA
TlsSetValue
GetSystemTimeAsFileTime
GlobalReAlloc
RtlUnwind
FlushFileBuffers
SetStdHandle
ExitProcess
TerminateProcess
GetCPInfo
WideCharToMultiByte
GetOEMCP
LCMapStringA
LCMapStringW
SetLastError

user32

CreateDialogParamA
GetKeyState
GetClassInfoExA
CharNextA
LoadCursorA
FillRect
DefWindowProcA
GetWindowLongA
CallWindowProcA
CreateWindowExA
GetDlgItemTextA
GetFocus
IsChild
GetMessageA
MessageBoxW
LoadBitmapA
PostMessageA
SendDlgItemMessageA
CharUpperA
MessageBoxA
EnableWindow
SetTimer
DialogBoxParamA
KillTimer
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
LoadStringA
GetDialogBaseUnits
IsDialogMessageA
SetFocus
ShowWindow
GetParent
DestroyWindow
IsWindow
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
ReleaseDC
GetDC
InvalidateRect
EndPaint
GetClientRect
BeginPaint
MoveWindow
WinHelpA
PeekMessageA
DispatchMessageA
wsprintfA
RegisterClassExA
GetDesktopWindow
CharLowerBuffA
SetWindowLongA
EndDialog
RedrawWindow
SetDlgItemTextA
GetSysColor
SetDlgItemInt
GetWindow
GetWindowTextA
SetWindowTextA
GetActiveWindow
RegisterWindowMessageA
DialogBoxIndirectParamA
GetDlgItemInt
wvsprintfA
SendMessageA
GetDlgItem
UnionRect
GetWindowTextLengthA
PtInRect
GetClassNameA
TranslateMessage

gdi32

DeleteMetaFile
SetWindowExtEx
SetWindowOrgEx
RestoreDC
CreateMetaFileA
GetDeviceCaps
SaveDC
SetViewportOrgEx
SetMapMode
DeleteDC
CreateDCA
DeleteObject
LPtoDP
GetTextMetricsA
SelectObject
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
GetObjectA
CreateCompatibleBitmap
GetStockObject
CreateRectRgnIndirect
CloseMetaFile

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA

shell32

ShellExecuteA

ole32

OleLockRunning
StringFromCLSID
CLSIDFromString
ProgIDFromCLSID
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLoadFromStream
CoGetClassObject
CoGetMalloc
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateOleAdviseHolder
CreateDataAdviseHolder

oleaut32

SafeArrayGetUBound
SetErrorInfo
VariantInit
OleCreateFontIndirect
VariantCopy
SafeArrayRedim
DispCallFunc
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
VariantClear
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysAllocStringLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
SysFreeString
CreateErrorInfo

comctl32

PropertySheetA
CreatePropertySheetPageA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9e7f46689afb4013539f0d2d2be8b10

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 264KB - Virtual size: 260KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 88KB - Virtual size: 93KB

.rsrc Size: 88KB - Virtual size: 84KB

.reloc Size: 20KB - Virtual size: 18KB

.text
Size: 264KB - Virtual size: 260KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 88KB - Virtual size: 93KB

.rsrc
Size: 88KB - Virtual size: 84KB

.reloc
Size: 20KB - Virtual size: 18KB