e43af739d8c6b0284f961a6ac3b055a0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e43af739d8c6b0284f961a6ac3b055a0_JaffaCakes118
Size

804KB
MD5

e43af739d8c6b0284f961a6ac3b055a0
SHA1

8ffcaa3a43460132898f5662f18d870b1b262b0e
SHA256

340c9cca533d419fd91da066cd89a0000c1aa96700ced431701f9950403e81c9
SHA512

c976598ee93ad6728b24d865d706781707bee3c6f02ae57190e048bc67d4636a5d90f89607e4d523350ae8864c34c9faa58faa5f6a3128bbb9a7dd2bacb3f0db
SSDEEP

12288:t6wseXyl8eHx0Tos+QY+TviT1Lj6V99mqDuWCSsmj7:t6wseXyl8eHx0Tos+p+6+DuWCSN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e43af739d8c6b0284f961a6ac3b055a0_JaffaCakes118

Files

e43af739d8c6b0284f961a6ac3b055a0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0f223a5611223cb02a123297d293013c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

advapi32

RegCreateKeyA
RegSetValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

kernel32

GetModuleFileNameA
GetUserDefaultLangID
GetSystemDefaultLangID
InterlockedIncrement
FreeLibrary
InterlockedDecrement
LoadLibraryA
GetVersionExA
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
VirtualFree
lstrlenA
MultiByteToWideChar
GetLastError
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetACP
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
HeapReAlloc
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetCPInfo
GetOEMCP
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
FreeEnvironmentStringsW

user32

BeginPaint
SetCursor
LoadStringA
LoadCursorA
EnableWindow
ShowWindow
GetDesktopWindow
LoadBitmapA
FillRect
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
PostMessageA
GetWindowLongA
SetWindowLongA
EndPaint
MoveWindow
InvalidateRect
DestroyWindow
DefWindowProcA
wsprintfA
LoadStringW
SendMessageA
GetDlgItem
CreateDialogParamA
GetUpdateRect

gdi32

BitBlt
GetObjectA
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
DeleteObject

ole32

CoFreeUnusedLibraries
CoInitialize
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 392B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CALC_TAB
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XMM_CONS
Size: 4KB - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0f223a5611223cb02a123297d293013c

Headers

File Characteristics

Imports

winmm

version

advapi32

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 284KB - Virtual size: 282KB

.text1 Size: 4KB - Virtual size: 392B

.code Size: 16KB - Virtual size: 14KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 20KB - Virtual size: 39KB

.data1 Size: 4KB - Virtual size: 2KB

CALC_TAB Size: 16KB - Virtual size: 13KB

XMM_CONS Size: 4KB - Virtual size: 320B

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 12KB - Virtual size: 11KB

.text Size: 360KB - Virtual size: 360KB

.text
Size: 284KB - Virtual size: 282KB

.text1
Size: 4KB - Virtual size: 392B

.code
Size: 16KB - Virtual size: 14KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 20KB - Virtual size: 39KB

.data1
Size: 4KB - Virtual size: 2KB

CALC_TAB
Size: 16KB - Virtual size: 13KB

XMM_CONS
Size: 4KB - Virtual size: 320B

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 360KB - Virtual size: 360KB