JaffaCakes118_6fc22d3e10f854453e7bc5962c1290ff

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6fc22d3e10f854453e7bc5962c1290ff
Size

722KB
MD5

6fc22d3e10f854453e7bc5962c1290ff
SHA1

b8321e8f1c506c47b9d9a08c636a3c89a93018cd
SHA256

ebc66be2d9ee8e44d77cdbca1150a03347a0c5b8ba066cc10ddc05dce9530a05
SHA512

0ad2cc1849520dd387cfd27ef2423d73ef69a4b471e5792e26a975a735e6badb211311a8a2d9a77706ad355840c60b7063fb4bc043f19d7c925f59d872be4108
SSDEEP

12288:W/Ylz3fYWXM4awqNAKZDWWCmCzmhprTcMpfoMbnShX9m6R/kI+mITC:SWz3iVDW6/rhoMbnSdb+msC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6fc22d3e10f854453e7bc5962c1290ff

Files

JaffaCakes118_6fc22d3e10f854453e7bc5962c1290ff
.dll regsvr32 windows:5 windows x86 arch:x86

d2a93c4252aa770bf9c9be42be14e374

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Cody Batt\Documents\Visual Studio 2008\Projects\HashTab\HashTab\Release\HashTab32.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress
GetFileAttributesW
GetVersion
lstrcmpiW
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
RaiseException
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GlobalUnlock
GlobalLock
CreateThread
ReadFile
GetFileSize
CloseHandle
CreateFileW
LockResource
lstrlenA
FindResourceExW
GlobalAlloc
Sleep
LoadLibraryA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
SetThreadLocale
GetThreadLocale
FindNextFileW
FindFirstFileW
SetEndOfFile
CreateFileA
LoadLibraryW
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
GetStringTypeA
HeapCreate
GetModuleFileNameA
FlushFileBuffers
SetFilePointer
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
LCMapStringW
OutputDebugStringA
LoadLibraryExW
GetLocaleInfoW
SetLastError
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
WideCharToMultiByte
LCMapStringA
GetSystemTimeAsFileTime
GetCommandLineA
GetStdHandle
GetFileType
WriteConsoleW
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
FindClose

user32

DestroyWindow
CharNextW
SendMessageW
UnregisterClassA
PostMessageW
SetWindowTextW
ShowWindow
EnableWindow
RegisterWindowMessageW
GetWindowLongW
GetFocus
InflateRect
MapWindowPoints
OffsetRect
SetWindowPos
GetCursorPos
GetDC
ReleaseDC
ClientToScreen
GetCapture
GetSystemMetrics
GetActiveWindow
CallWindowProcW
GetParent
DefWindowProcW
CreateWindowExW
GetSysColor
IsWindow
ScreenToClient
EndDialog
MessageBoxW
GetDlgItem
SetDlgItemTextW
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowLongW
DestroyMenu
InsertMenuItemW
TrackPopupMenu
CreatePopupMenu
DialogBoxParamW
DestroyIcon
GetMessagePos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetKeyState

gdi32

SelectObject
GetTextExtentExPointW
GetTextExtentPoint32W

advapi32

RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW

shell32

DragQueryFileW

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
ReleaseStgMedium
RegisterDragDrop
RevokeDragDrop

oleaut32

VarUI4FromStr
UnRegisterTypeLi
SysAllocString
RegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
SysFreeString

shlwapi

PathIsDirectoryW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2a93c4252aa770bf9c9be42be14e374

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 355KB - Virtual size: 354KB

.rdata Size: 93KB - Virtual size: 93KB

.data Size: 18KB - Virtual size: 26KB

.rsrc Size: 94KB - Virtual size: 94KB

.reloc Size: 60KB - Virtual size: 60KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 355KB - Virtual size: 354KB

.rdata
Size: 93KB - Virtual size: 93KB

.data
Size: 18KB - Virtual size: 26KB

.rsrc
Size: 94KB - Virtual size: 94KB

.reloc
Size: 60KB - Virtual size: 60KB

.text
Size: 100KB - Virtual size: 100KB