JaffaCakes118_617011f1c02b516e0d2ab3eb44bc3d13

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_617011f1c02b516e0d2ab3eb44bc3d13
Size

347KB
MD5

617011f1c02b516e0d2ab3eb44bc3d13
SHA1

cf979f94a9bbcaf97a3f0e7964e564e4e2278f66
SHA256

ffb8de7e05e5b2e1bb051801fb2518b041ad885a52899c0e2f3f0211b6f1804a
SHA512

1669faf4814ab0abbb2275a7734faa57d8047f72bc9a58f598da2c289cead65d918566959053734e2ab6e8d750bb802f534aad0f06b7a5a085deb7b5a4de9a15
SSDEEP

6144:OhlE9IW+WQyKL8ze3i8VGHoilgsEHb2pjth7ql:YHmP2bVcXjEH4hp4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_617011f1c02b516e0d2ab3eb44bc3d13

Files

JaffaCakes118_617011f1c02b516e0d2ab3eb44bc3d13
.dll windows:6 windows x86 arch:x86

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

jsprofilerui.pdb

Imports

kernel32

CloseHandle
WriteFile
CreateFileW
WideCharToMultiByte
DeleteFileW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
GetCommandLineA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedDecrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTempFileNameW
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
Sleep
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
InterlockedIncrement
GetEnvironmentVariableA
GetCurrentThreadId
GetCurrentProcess
GetLastError
LeaveCriticalSection
LoadLibraryW
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
InterlockedCompareExchange
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
FlushInstructionCache
FindResourceExW
LockResource
GlobalAlloc
GlobalLock
GlobalFree
SetLastError
GlobalUnlock
GetNumberFormatW
GetLocaleInfoW
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
RaiseException
InterlockedExchange
GetVersionExW
TerminateProcess
GetModuleFileNameW

user32

DestroyMenu
PostMessageW
GetKeyState
DrawTextW
GetDlgItem
GetSysColor
GetWindowLongA
DrawEdge
GetMessagePos
SetScrollInfo
GetScrollPos
SetScrollPos
UnregisterClassA
TrackPopupMenuEx
GetMenuItemCount
DeleteMenu
CheckMenuRadioItem
CreatePopupMenu
AppendMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
PtInRect
ReleaseCapture
GetCapture
SystemParametersInfoW
GetDlgCtrlID
SetCapture
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ClientToScreen
RegisterClassExW
GetSystemMetrics
InflateRect
SetRect
GetCursorPos
SetWindowTextW
GetFocus
DrawFocusRect
LoadCursorW
GetClassInfoExW
AdjustWindowRectEx
IsWindowEnabled
ScreenToClient
SetWindowPos
GetMenu
CreateWindowExW
GetWindowLongW
CallWindowProcW
DefWindowProcW
GetDC
FillRect
ReleaseDC
LoadAcceleratorsW
DestroyAcceleratorTable
SetFocus
EnableWindow
IsWindowVisible
TranslateAcceleratorW
CreateDialogParamW
IsWindow
SetWindowLongW
ShowWindow
GetClientRect
GetParent
MoveWindow
DestroyWindow
GetSysColorBrush
GetWindowRect
SendMessageW
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
MessageBoxW
LoadStringW
CharNextW
LoadImageW
SetDlgItemTextW

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysAllocStringLen
VarR8FromStr
SysAllocString
VarUI4FromStr
VariantChangeType
SysFreeString
VariantClear
VariantCopy
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW

gdi32

GetStockObject
DeleteObject
DeleteDC
SetBkColor
GetTextExtentExPointW
SetTextAlign
ExtTextOutW
SetBkMode
SetTextColor
SetLayout
BitBlt
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetObjectW
GetDeviceCaps
GetTextExtentPointW

shlwapi

ord437
ord219

urlmon

ord423

iertutil

ord70
ord65
ord64
ord68
ord61
ord650

Exports

Exports

CreateProfileTab

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f5142adfbc08dca9cb58adf528ee514

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

shlwapi

urlmon

iertutil

Exports

Exports

Sections

.text Size: 185KB - Virtual size: 185KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 9KB - Virtual size: 8KB

.text Size: 118KB - Virtual size: 120KB

.text
Size: 185KB - Virtual size: 185KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 118KB - Virtual size: 120KB