triedit.pdb
Static task
static1
General
-
Target
JaffaCakes118_b8c0cce64b64b00bb6805dbf83b5f470
-
Size
484KB
-
MD5
b8c0cce64b64b00bb6805dbf83b5f470
-
SHA1
b0a5f375eb6d797436820c715e7754f19862b3c3
-
SHA256
4e3ab308d832e8b6a96448e3e09feaf7bbac4e5f8a58de7493f874eb660a69b7
-
SHA512
d45a2b061a827ee0f295019238ec264472158bb42af574247966dbbde549cfc6748a794706ec7279fb3968c5af5f3e01a511cbc32cdcdfe5fd5ffee56c7eb666
-
SSDEEP
3072:u4aWY9nTGKTNX91X1cM3Sm+3HDktMBuSdfIQWyONwEUQ3z9DUnCUlKK3XF7PJ1Xb:ahUuIMSmgktMB9lKhUcUnZgu17nXKEKY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature (the file is unsigned; a weak indicator on its own).
resource JaffaCakes118_b8c0cce64b64b00bb6805dbf83b5f470
Files
-
JaffaCakes118_b8c0cce64b64b00bb6805dbf83b5f470.dll regsvr32 windows:5 windows x86 arch:x86
6e43dd50ce21fc52aa2cec80f9d0f93a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
_wcsrev
wcslen
_wcsnicmp
??2@YAPAXI@Z
wcsstr
wcstok
iswspace
_wcslwr
wcschr
wcspbrk
wcsrchr
memmove
wcsncpy
wcscpy
_itow
iswupper
_wcsupr
wcsncmp
_adjust_fdiv
_initterm
qsort
??3@YAXPAX@Z
free
realloc
malloc
wcstoul
wcscat
iswdigit
_wcsicmp
time
srand
rand
_wtoi
_purecall
oleaut32
VariantClear
VariantChangeTypeEx
VariantInit
VariantCopy
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
VariantChangeType
LoadRegTypeLib
SetErrorInfo
RegisterTypeLib
LoadTypeLib
UnRegisterTypeLib
VarI4FromStr
ole32
CoTaskMemRealloc
CoTaskMemAlloc
OleRegGetUserType
StringFromCLSID
CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream
CoCreateInstance
kernel32
GetCurrentProcess
HeapDestroy
DisableThreadLibraryCalls
FreeLibrary
SizeofResource
LoadResource
GetVersionExA
FindResourceA
FindResourceW
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryExA
LoadLibraryExW
lstrcmpiA
lstrcmpiW
lstrcmpA
lstrcmpW
lstrcpynW
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetLastError
MultiByteToWideChar
GlobalSize
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
SetLastError
gdi32
CreatePatternBrush
DeleteObject
SelectObject
SetWindowOrgEx
PatBlt
user32
SetRect
InvalidateRect
InflateRect
SetCursor
GetKeyState
ReleaseDC
GetDC
PtInRect
GetClientRect
ScreenToClient
SetFocus
IsWindow
GetParent
GetWindowLongA
GetWindowLongW
IsCharAlphaNumericA
IsCharAlphaNumericW
IsCharAlphaA
IsCharAlphaW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorW
LoadStringA
LoadStringW
CharNextW
advapi32
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 123KB - Virtual size: 122KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 334KB - Virtual size: 336KB (second section named .text; its flags below mark it both executable and writable)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE