f884ced7aacce437148287c148be4f64_JaffaCakes118

General

Target

f884ced7aacce437148287c148be4f64_JaffaCakes118
Size

24KB
MD5

f884ced7aacce437148287c148be4f64
SHA1

b69b1f0eb79e9d607758e2c47e9112669bcf7c49
SHA256

561b732226621fa60e2a5f27f9f89f40e9fe06d1d215f8873b6612a734a0ac4e
SHA512

27bb0145172c423fc572773531af30ef925d118dd663eda89778d65a1bb27fbd5023f0d1e7dbd544b3b3b7d021c0f182377c9be53dcf18e9176160d1bc161f79
SSDEEP

192:iHhDfT66xnxDRkbL8rBCBkJEdYi0me3F+LPIsB8Yx:iHh5xDRgL8r8mJEdYi0m7LP98Yx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f884ced7aacce437148287c148be4f64_JaffaCakes118

Files

f884ced7aacce437148287c148be4f64_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0dcefaa05e96c7e27d3cd0ee84f8a7d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

strcat
sprintf
??3@YAXPAX@Z
_adjust_fdiv
malloc
_initterm
free
_vsnwprintf
memcpy
memset
_stricmp
strcpy
_splitpath
??2@YAPAXI@Z
strncpy
strlen

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
EnumServicesStatusA
CloseServiceHandle

user32

LoadStringA
wsprintfA

kernel32

ReleaseMutex
GetLastError
GetVersionExA
GetTickCount
EnterCriticalSection
OpenMutexA
GetExitCodeProcess
Sleep
lstrcatA
GetModuleFileNameA
GetUserDefaultLangID
DeleteCriticalSection
InitializeCriticalSection
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
OutputDebugStringW
LeaveCriticalSection
CreateProcessA
CloseHandle

Exports

Exports

EnsureOnline
RasCustomDeleteEntryNotify
RasCustomDial
RasCustomDialDlg
RasCustomEntryDlg
RasCustomHangUp
SetClientStatus

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dcefaa05e96c7e27d3cd0ee84f8a7d0

Headers

File Characteristics

Imports

version

msvcrt

advapi32

user32

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 498B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 498B