JaffaCakes118_127174fe9a8c19f58ef466ea84316295

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_127174fe9a8c19f58ef466ea84316295
Size

1.2MB
MD5

127174fe9a8c19f58ef466ea84316295
SHA1

330d313f3415de7d0ff2f59aafc616913183c33c
SHA256

6e0cb9dc708b66806c60b6917735680528fe025574667fc36e0750e9e749aab1
SHA512

26fde063b598703eabd8105d0116831f20b67e23474c5acc7558ae1795f746e2e1fe5df937dd468c201c3145f1e61b2b31f5f84cde67be139658744251115093
SSDEEP

24576:/KMa+QECSwrS2yUJ0AvivK3hPAnYGLzRxahfTN9Wn+lNs6wWKyM7Bfft8ypGYRZb:IDJzDljp0X1yoHtjTjQYPPbxA8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_127174fe9a8c19f58ef466ea84316295

Files

JaffaCakes118_127174fe9a8c19f58ef466ea84316295
.dll regsvr32 windows:5 windows x86 arch:x86

7e5a3ca1d045e5cb414a409544507355

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoCreateFreeThreadedMarshaler
CreateBindCtx
CoUninitialize
CoInitialize
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
CoTaskMemAlloc
GetHGlobalFromStream
CreateStreamOnHGlobal
CoCreateInstance

shlwapi

ord117
ord56
ord136
ord60
ord116
PathFindExtensionW
UrlCanonicalizeW
ord2
PathFindFileNameW
ord260
ord217
UrlCombineA
UrlCanonicalizeA
UrlUnescapeA
PathCreateFromUrlA
StrChrA
StrCmpNIA
ord151
StrStrA
StrToIntA
ord153
ord342
StrRChrA
ord15
ord150
ord44
ord28
ord311
ord310
PathIsURLW
ord125
ord128
StrCmpIW
StrCpyW
StrCatW
ord158
ord156
ord68
ord66
ord43
ord38
ord26
StrToIntW
StrCmpNIW
ord45
StrCmpNW
ord51
ord83
StrCmpW
ord115
UrlUnescapeW
PathSearchAndQualifyW
UrlCreateFromPathW
PathCreateFromUrlW
UrlIsW
ord52
UrlGetLocationW

kernel32

InterlockedDecrement
FlushFileBuffers
WriteFile
GetCPInfo
GetLocalTime
GetTimeZoneInformation
SetThreadPriority
lstrcatW
SetFilePointer
ReadFile
CreateFileA
IsBadStringPtrW
RtlMoveMemory
GetSystemTimeAsFileTime
GetExitCodeThread
IsBadStringPtrA
LocalFileTimeToFileTime
IsBadReadPtr
IsBadWritePtr
CreateThread
FormatMessageW
GlobalAlloc
GlobalFree
CreateEventA
LocalAlloc
LocalFree
GetSystemTime
SleepEx
lstrcmpiA
GetDateFormatA
GetTimeFormatA
GlobalLock
GlobalUnlock
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageA
LoadLibraryExA
FindResourceA
LockResource
SizeofResource
LoadResource
WideCharToMultiByte
RaiseException
SetLastError
GetSystemInfo
HeapCreate
GetLastError
HeapDestroy
CreateSemaphoreA
ReleaseSemaphore
GetTickCount
OutputDebugStringA
ResetEvent
SetEvent
SuspendThread
ResumeThread
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
DebugBreak
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
EnterCriticalSection
lstrcpyA
lstrlenA
GetProcAddress
LoadLibraryA
FreeLibrary
GetVersionExW
lstrcatA
MultiByteToWideChar
lstrcmpA
ExpandEnvironmentStringsA
GetModuleFileNameA
lstrcpynA
TlsSetValue
TlsGetValue
HeapAlloc
HeapReAlloc
RtlUnwind
SetEndOfFile
InterlockedIncrement
lstrlenW
HeapSize
VirtualFree
VirtualAlloc
GetProcessHeap
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
CloseHandle
GetModuleHandleA
GetVersionExA
TlsAlloc
TlsFree
GetThreadContext
InterlockedExchange
Sleep

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 851KB - Virtual size: 850KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7e5a3ca1d045e5cb414a409544507355

Headers

File Characteristics

Imports

ole32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 851KB - Virtual size: 850KB

.data Size: 51KB - Virtual size: 52KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 53KB - Virtual size: 53KB

.text Size: 102KB - Virtual size: 104KB

.text
Size: 851KB - Virtual size: 850KB

.data
Size: 51KB - Virtual size: 52KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 53KB - Virtual size: 53KB

.text
Size: 102KB - Virtual size: 104KB