JaffaCakes118_6a5538abf08dea7ea3d38892c1cf6620

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6a5538abf08dea7ea3d38892c1cf6620
Size

573KB
MD5

6a5538abf08dea7ea3d38892c1cf6620
SHA1

8c0e4b75f455e9d26bd0252126891d4fbf5a366f
SHA256

678868b0d661db2371a50165fd01806c5cd9435bd18d29cf09c9f9a6d5c0c5b1
SHA512

83fecb0ccaa1757ea055f6d9a6d2671ddf7d615de9d94bd6ba586214c1ddca6f61f5fbc83ed5922e40dbee828da218cb2073f8866c2c33e5e127c6d9e77fa622
SSDEEP

6144:eE3pV90gzsIHn+NzocVIsGesIIohL7197Ey076r1c8X/3vAgyy7CI/HQC+IIqumu:eGJckHsIQ7Iy0R8P3vmtIbS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6a5538abf08dea7ea3d38892c1cf6620

Files

JaffaCakes118_6a5538abf08dea7ea3d38892c1cf6620
.dll windows:6 windows x86 arch:x86

795978212b3b1fc4afedb90a8f70b62e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

jsprofilerui.pdb

Imports

msvcrt

_unlock
_errno
realloc
??1type_info@@UAE@XZ
_except_handler4_common
?terminate@@YAXXZ
_amsg_exit
_initterm
_XcptFilter
__dllonexit
fputs
fputws
_wfopen_s
fclose
__CxxFrameHandler3
memset
_lock
_onexit
wcsncpy_s
_CxxThrowException
malloc
memcpy_s
free
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
calloc
_wcslwr_s
wcschr
wcsstr
atoi
_wcsicmp
iswspace
swprintf_s
_ftol2
vswprintf_s
_vscwprintf
memmove_s
_purecall
wcscpy_s
_ultow_s
_vsnwprintf
wcstol

kernel32

CreateActCtxW
ReleaseActCtx
Sleep
VirtualAlloc
VirtualFree
ActivateActCtx
EnumUILanguagesW
GetUserDefaultUILanguage
MulDiv
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
InterlockedCompareExchange
DeactivateActCtx
InterlockedExchange
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetLastError
InterlockedIncrement
InterlockedDecrement
LoadLibraryW
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
GetLocaleInfoW
GetNumberFormatW
GlobalUnlock
SetLastError
GlobalFree
GlobalLock
GlobalAlloc
LockResource
FindResourceExW
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentVariableA
GetTempFileNameW
CloseHandle
CreateEventW
SetEvent
ResetEvent
DeleteFileW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
LoadLibraryA

user32

SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
SendMessageW
GetWindowRect
GetSysColorBrush
DestroyWindow
MoveWindow
GetParent
GetClientRect
ShowWindow
SetWindowLongW
CreateDialogParamW
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
PeekMessageW
TranslateAcceleratorW
IsWindowVisible
EnableWindow
DestroyAcceleratorTable
SetDlgItemTextW
LoadAcceleratorsW
SetFocus
GetWindowLongW
CreateWindowExW
GetMenu
SetWindowPos
ScreenToClient
GetDC
ReleaseDC
IsWindowEnabled
AdjustWindowRectEx
IsWindow
GetClassInfoExW
LoadCursorW
FillRect
DrawFocusRect
CallWindowProcW
GetFocus
SetWindowTextW
GetCursorPos
DefWindowProcW
SetRect
InflateRect
MessageBoxW
RegisterClassExW
ClientToScreen
UpdateWindow
InvalidateRect
SetTimer
KillTimer
SetCapture
GetDlgCtrlID
SystemParametersInfoW
GetCapture
ReleaseCapture
PtInRect
BeginPaint
EndPaint
CheckMenuItem
EnableMenuItem
AppendMenuW
CreatePopupMenu
CheckMenuRadioItem
DeleteMenu
GetMenuItemCount
TrackPopupMenuEx
DestroyMenu
PostMessageW
GetKeyState
DrawTextW
GetDlgItem
SetCursor
GetWindowLongA
GetSysColor
DrawEdge
GetMessagePos
SetScrollInfo
GetScrollPos
SetScrollPos
UnregisterClassA
LoadStringW
CharNextW
LoadImageW
GetSystemMetrics

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

SysAllocStringLen
VarR8FromStr
SysAllocString
VarUI4FromStr
VariantChangeType
SysFreeString
VariantClear
VariantCopy
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

gdi32

DeleteObject
DeleteDC
CreateFontIndirectW
SetBkColor
GetTextExtentExPointW
SetTextAlign
ExtTextOutW
SetBkMode
SetTextColor
SetLayout
BitBlt
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
GetTextExtentPointW
GetObjectW
GetDeviceCaps

shlwapi

ord437
ord219

urlmon

ord423

iertutil

ord61
ord68
ord64
ord70
ord65

Exports

Exports

CreateProfileTab

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 427KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

795978212b3b1fc4afedb90a8f70b62e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

ole32

oleaut32

oleacc

advapi32

gdi32

shlwapi

urlmon

iertutil

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 115KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 6KB - Virtual size: 5KB

.text Size: 427KB - Virtual size: 428KB

.text
Size: 115KB - Virtual size: 115KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 427KB - Virtual size: 428KB