JaffaCakes118_b8e474b91289bf1cedbce42586ee24e5

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b8e474b91289bf1cedbce42586ee24e5
Size

412KB
MD5

b8e474b91289bf1cedbce42586ee24e5
SHA1

94d98e9a958bd76fee86f4c32324b10142bbe53b
SHA256

b4d0d4f8ab0d0c620f46480511dbff585065f1629400b44b9218dec3d8212201
SHA512

886ccdef7ae14bd207dbfe1b3f03241d330712a03274055df942038f4391648210c1400d20fa7bd038b7cdb48d88175540fb68e7e1cee6e6af62310154dac588
SSDEEP

6144:sayocjqchgZZWnvpIH0G6AE3ZoPw5WxOYd8r2RO4kF+RmHK9:sayocjqWgZZu+DE3ZXmLd5k43uk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b8e474b91289bf1cedbce42586ee24e5

Files

JaffaCakes118_b8e474b91289bf1cedbce42586ee24e5
.dll regsvr32 windows:4 windows x86 arch:x86

306157e3da8bbba13fcaf01a8e74e93d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\projects\pc connectivity solution\pccs 3.10\source files\pc connectivity api\pccs_abapi\pccs_abapi\win32\release\PCCS_ABAPI.pdb

Imports

kernel32

SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
DeleteCriticalSection
SetEvent
ResetEvent
ExitThread
InitializeCriticalSection
HeapAlloc
GetCurrentThreadId
CreateThread
Sleep
CloseHandle
WaitForSingleObject
TerminateThread
MultiByteToWideChar
GetTickCount
LoadLibraryA
GetProcAddress
FreeLibrary
WaitForMultipleObjects
CreateEventA
OpenEventA
HeapValidate
LeaveCriticalSection
HeapSize
HeapFree
GetProcessHeap
GetModuleFileNameW
EnterCriticalSection
lstrlenW
CreateEventW
IsBadCodePtr
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLastError
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetVersionExA
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

gdi32

DeleteObject

advapi32

RegQueryValueExA
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExA

ole32

CoUninitialize
CoInitializeEx
CoWaitForMultipleHandles

oleaut32

SysAllocString
VarBstrCmp
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString

Exports

Exports

CCAPI_AnswerCall
CCAPI_CloseHandle
CCAPI_ControlCall
CCAPI_CreateCall
CCAPI_FreeCallInfoStruct
CCAPI_GetAPIVersion
CCAPI_GetCallStatus
CCAPI_Initialize
CCAPI_OpenHandle
CCAPI_RegisterNotifyIF
CCAPI_ReleaseCall
CCAPI_SendDTMF
CCAPI_Terminate
DCAPI_ActivateProfile
DCAPI_CloseHandle
DCAPI_FreeProfileInfo
DCAPI_FreeProfilesIDList
DCAPI_GetAPIVersion
DCAPI_GetProfileInfo
DCAPI_GetProfilesIDList
DCAPI_GetVolume
DCAPI_Initialize
DCAPI_MuteControl
DCAPI_OpenHandle
DCAPI_RegisterNotifyIF
DCAPI_SetRingingtone
DCAPI_SetVolume
DCAPI_SetWallpaper
DCAPI_Terminate
DIAPI_CloseHandle
DIAPI_FreeDeviceInfo
DIAPI_FreeOperatorInfo
DIAPI_GetAPIVersion
DIAPI_GetBatteryInfo
DIAPI_GetDeviceInfo
DIAPI_GetDeviceTime
DIAPI_GetNetworkLevel
DIAPI_GetOperatorInfo
DIAPI_GetPlatformInfo
DIAPI_Initialize
DIAPI_OpenHandle
DIAPI_RegisterNotifyIF
DIAPI_Terminate
DllRegisterServer
DllUnregisterServer
ELOGAPI_CloseHandle
ELOGAPI_FreeLogItem
ELOGAPI_GetAPIVersion
ELOGAPI_Initialize
ELOGAPI_OpenHandle
ELOGAPI_ReadBegin
ELOGAPI_ReadEnd
ELOGAPI_ReadNext
ELOGAPI_RegisterNotifyIF
ELOGAPI_Terminate
LMAPI_CloseHandle
LMAPI_FreeIDList
LMAPI_FreeLandmarkInfo
LMAPI_GetAPIVersion
LMAPI_GetIDList
LMAPI_Initialize
LMAPI_OpenHandle
LMAPI_ReadLandmark
LMAPI_Terminate
LMAPI_WriteLandmark
RUIAPI_CloseHandle
RUIAPI_GetAPIVersion
RUIAPI_Initialize
RUIAPI_OpenHandle
RUIAPI_PressKey
RUIAPI_RegisterNotifyIF
RUIAPI_Terminate

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

306157e3da8bbba13fcaf01a8e74e93d

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 52KB - Virtual size: 49KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 19KB

.text Size: 148KB - Virtual size: 148KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 52KB - Virtual size: 49KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 148KB - Virtual size: 148KB