f82080dc828dc65821a96f19264f0b2c_JaffaCakes118

General

Target

f82080dc828dc65821a96f19264f0b2c_JaffaCakes118
Size

44KB
MD5

f82080dc828dc65821a96f19264f0b2c
SHA1

63721b716e0ab5b1b609771c8aaa15e3f3dd3d1f
SHA256

e55b652c3e773e4ad93df7e64e9f70bd2e7dce2e2a4167109bc0bfa31715fe7c
SHA512

b53ca87646bbff1310d125749925162d38d41328cb12582211d588d81d698be676926ecff10e4ee6adc3e35045b0ec26d37beecb1634656138b3751e45369ff5
SSDEEP

768:PZ/A/ttpkavh0EtR+wSp1TQTlrkioWEygLa15:P7LM2HmlTByLa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f82080dc828dc65821a96f19264f0b2c_JaffaCakes118

Files

f82080dc828dc65821a96f19264f0b2c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f5ddd2307c2447dc1ecbf97cdedcd810

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
CreateProcessA
GetModuleFileNameA
InterlockedIncrement
GetWindowsDirectoryA
CreateThread
LoadLibraryA
VirtualAlloc
GetProcAddress
WinExec
CreateMutexA
GetLastError
CloseHandle
GetLocalTime

user32

RegisterClassExA
UnhookWindowsHookEx
DefWindowProcA
PostMessageA
FindWindowExA
DispatchMessageA
SetWindowsHookExA
CallNextHookEx
KillTimer
SetTimer
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shlwapi

SHGetValueA

msvcrt

__CxxFrameHandler
_adjust_fdiv
malloc
_initterm
free
_except_handler3
strrchr
strchr
fopen
fwrite
fclose
_stricmp
sprintf
??2@YAPAXI@Z
atoi
??3@YAXPAX@Z

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5ddd2307c2447dc1ecbf97cdedcd810

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

wininet

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 884B

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 884B