43c9997bec1cb64f4a910528d03956c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43c9997bec1cb64f4a910528d03956c0_JaffaCakes118
Size

674KB
MD5

43c9997bec1cb64f4a910528d03956c0
SHA1

ee7963b1d9ddc477b168a184fd2d4d75a4cd458d
SHA256

38eb98106d5799fbabb33780ef24bb20f2a46076f660e6cbd110f1e0d8f401ab
SHA512

6f2c5498370984823b6aebff039e0c7eb4ad322b4efa2dfd2f90b73a341fe2885f6f24fb0a5f591297dc0773b98978d4e8d9e4b3ec8ce86ef206fe9449827424
SSDEEP

6144:HP2gmlG2LR6l/CG2n37VjrtoO8xOrQqLvcdOkowwQPOWYVUeNzDEU:v2ZWOgUQA2q+gzDEU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43c9997bec1cb64f4a910528d03956c0_JaffaCakes118

Files

43c9997bec1cb64f4a910528d03956c0_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

8b271b1e51119244f8924a11a8f08bbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyW
RegDeleteKeyA
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyExW
RegSetValueExW
RegDeleteValueA

kernel32

FindClose
InitializeCriticalSectionAndSpinCount
DisableThreadLibraryCalls
EncodePointer
DecodePointer
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetLastError
GetCurrentThreadId
GetCurrentProcessId
FlushInstructionCache
GetCurrentProcess
SetLastError
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
GetVersion
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
HeapSize
HeapReAlloc
HeapDestroy
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedPushEntrySList
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
CompareStringW
FreeLibrary
SwitchToThread
FindResourceW
FindResourceExW
GetModuleHandleA
WideCharToMultiByte
LoadLibraryA
OutputDebugStringW
LoadLibraryW
LoadLibraryExW
LocalFree
lstrcmpiA
IsDBCSLeadByte
FindResourceA
LoadLibraryExA
GetUserDefaultLCID
GetEnvironmentVariableA
CopyFileW
CreateFileW
DeleteFileW
FindFirstFileW
FindNextFileW
RaiseException
GetProcAddress
SizeofResource
LockResource
LoadResource
GlobalFree
GetTickCount
FindNextFileA
FindFirstFileA
CompareStringA
DeleteFileA
LocalAlloc
FormatMessageA
GetFileAttributesA
CreateFileA
CopyFileA
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetThreadLocale
GetVersionExA
CloseHandle
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
GetTempPathW
GetTempFileNameW
GetSystemDirectoryW
GetModuleFileNameW
GetFileAttributesW
FormatMessageW
GetModuleHandleW

gdi32

MoveToEx
CreatePen
DeleteObject
GetStockObject
CreatePatternBrush
LineTo
PatBlt
SelectObject
CreateRectRgnIndirect
CreateMetaFileA
SetWindowExtEx
CreateBitmap
CloseMetaFile
DeleteMetaFile
GetDeviceCaps
LPtoDP
CreateFontIndirectW
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
CreateFontIndirectA

oleaut32

SysFreeString
GetErrorInfo
SysAllocString
SetErrorInfo
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantClear
VarUI4FromStr
SysAllocStringLen
UnRegisterTypeLi
SafeArrayGetElement
SafeArrayCopy
RegisterTypeLi
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
OleCreatePropertyFrame
VariantInit

ole32

StringFromGUID2
DoDragDrop
OleGetClipboard
OleSetClipboard
StringFromCLSID
CoCreateGuid
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
RevokeDragDrop
CreateDataAdviseHolder
CoTaskMemFree
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateOleAdviseHolder
RegisterDragDrop

user32

MessageBoxW
LoadImageW
GetWindowTextW
DialogBoxIndirectParamW
CreateWindowExW
MessageBoxExW
CharNextA
UnregisterClassA
CharUpperW
EndDialog
GetActiveWindow
EnableWindow
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
LoadIconA
SetTimer
KillTimer
RegisterClipboardFormatA
CharNextW
UpdateWindow
GetDlgItem
WindowFromPoint
ReleaseCapture
SetWindowTextW
ReleaseDC
GetDC
ScreenToClient
GetCursorPos
GetCapture
RegisterClipboardFormatW
ClientToScreen
GetMessagePos
GetWindowRect
CallWindowProcA
DefWindowProcA
ShowWindow
GetParent
SetFocus
CreateWindowExA
LoadCursorA
GetClassInfoExA
RegisterClassExA
UnionRect
PtInRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetKeyState
InvalidateRect
IsWindow
DestroyWindow
IsChild
GetFocus
FillRect
GetSysColorBrush
BeginPaint
GetClientRect
EndPaint
GetSystemMetrics
SendMessageA
GetWindowLongA
SetWindowLongA
DialogBoxIndirectParamA
SendMessageW
MessageBoxA
GetWindowTextA
SetWindowTextA
LoadImageA
SetCapture
GetWindow
SetCursor

shell32

DragQueryFileA
DragQueryFileW

comdlg32

CommDlgExtendedError

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

uxtheme

SetWindowTheme

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VSDllRegisterServer
VSDllUnregisterServer

Sections

.text
Size: 538KB - Virtual size: 537KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b271b1e51119244f8924a11a8f08bbc

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

oleaut32

ole32

user32

shell32

comdlg32

comctl32

version

uxtheme

Exports

Exports

Sections

.text Size: 538KB - Virtual size: 537KB

.data Size: 11KB - Virtual size: 13KB

.rsrc Size: 55KB - Virtual size: 54KB

.reloc Size: 69KB - Virtual size: 68KB

.text
Size: 538KB - Virtual size: 537KB

.data
Size: 11KB - Virtual size: 13KB

.rsrc
Size: 55KB - Virtual size: 54KB

.reloc
Size: 69KB - Virtual size: 68KB