b21a8247fed6d7f3fb9fa89016a5f41d_JaffaCakes118

General

Target

b21a8247fed6d7f3fb9fa89016a5f41d_JaffaCakes118
Size

350KB
MD5

b21a8247fed6d7f3fb9fa89016a5f41d
SHA1

9227062dc0a62e4fa0284ad521a56c373c34ffde
SHA256

2d63a0d8ece25bdb093098fe7569c973ada10927387ee288b87030e5765f514b
SHA512

68c0342db819d8df9bddce9c23a2552cfa6d72e24ff54c3ed922a4388e698c0c6e3cee8688c905564540141ea32d3e26e8acc49b5412aadd526aea93fe5f7fa7
SSDEEP

6144:oucrZMDMXbJ2kAUWaNCZAaCudurslKREBKT0PLNMbQ4AWbO/Fh:P8ZM2RiKCZ9urGETYNMbQ4zbm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b21a8247fed6d7f3fb9fa89016a5f41d_JaffaCakes118

Files

b21a8247fed6d7f3fb9fa89016a5f41d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ccd6f5e26d1915d4752a66ba320f0db8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
RegEnumKeyExA
RegSetValueExW
RegDeleteKeyA
RegDeleteValueA
GetTokenInformation
RegQueryValueW
RegSetValueA
RegQueryValueExW
EqualSid
OpenProcessToken
RegCreateKeyA
LsaAddAccountRights
WmiMofEnumerateResourcesA
AllocateAndInitializeSid
RegEnumValueA
OpenThreadToken
RegDeleteKeyW
RegFlushKey
RegEnumKeyA
FreeSid
RegOpenKeyExW
RegQueryValueExA
RegQueryInfoKeyA

mycomput

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

msvcrt

malloc
_timezone
fmod
free
_initterm
_getdllprocaddr
_getmaxstdio

kernel32

GetFileAttributesA
HeapCreate
lstrlenW
GetEnvironmentStringsW
GetStartupInfoA
GetStringTypeW
SetHandleCount
LCMapStringA
DeleteFileA
lstrcmpW
lstrcmpA
VirtualAlloc
GetLastError
GetLocalTime
InterlockedIncrement
CreateFileA
GetProcessHeap
GetFileTime
CloseHandle
SetFilePointer
LCMapStringW
GetThreadLocale
GetFileSize
lstrcmpiW
GetStringTypeA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentProcessId
HeapAlloc
HeapFree
GetOEMCP
GetSystemTimeAsFileTime
GetUserDefaultLCID
FreeEnvironmentStringsW
GetCommandLineA

Sections

.text
Size: 337KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccd6f5e26d1915d4752a66ba320f0db8

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

mycomput

msvcrt

kernel32

Sections

.text Size: 337KB - Virtual size: 336KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 337KB - Virtual size: 336KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB