0b0d6be9e9038dbad4fe90e2705361af_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0b0d6be9e9038dbad4fe90e2705361af_JaffaCakes118
Size

32KB
MD5

0b0d6be9e9038dbad4fe90e2705361af
SHA1

4549d3bd76e6d2bd5259ab18c4419ac8b0dd2655
SHA256

daf048dcf3fabb8a3acc792cec450bc1d49d6528ef8021e0ed5cba7d5b991d3d
SHA512

bb6ef89f046236fbd712fdac3f04aa6ab6a4a5c47d9ed309553615b91ae21ddf817a67f15527c2b157707f0e314d1116eddf7d39c3776e601d413dce91f531b6
SSDEEP

192:h99gJg1E2lNzywJDYvHpivemcrWBAf35/A/QM7VUUXsSL2YhOc5:h9QgfNzyQOpivejWBAfJ/o7VUSsIRsc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b0d6be9e9038dbad4fe90e2705361af_JaffaCakes118

Files

0b0d6be9e9038dbad4fe90e2705361af_JaffaCakes118
.dll windows:4 windows x86 arch:x86

aebe85b5f9d21ecc04382118154d29b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHGetValueA
SHDeleteKeyA
SHDeleteValueA

kernel32

GetProcAddress
GetModuleFileNameA
FreeLibrary
LoadLibraryA
GetShortPathNameA
GetLastError
FindClose
FindFirstFileA
GetCurrentThreadId
IsBadReadPtr
CloseHandle
CreateMutexA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection

user32

SetWindowLongW
PostMessageA
FindWindowExA
PostQuitMessage
EndDialog
SetTimer
GetMenu
CallWindowProcW
CallWindowProcA
SetWindowsHookExA
GetClassNameA
CallNextHookEx
IsWindow
UnhookWindowsHookEx
IsWindowUnicode
GetWindowModuleFileNameA
SetWindowLongA
GetDesktopWindow
CreateDialogParamA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA

comctl32

ord17

msvcrt

__dllonexit
__CxxFrameHandler
strrchr
toupper
tolower
malloc
free
_strnicmp
memcpy
strcmp
strcpy
strstr
strncpy
fopen
_initterm
_adjust_fdiv
strcat
strlen
memset
_onexit
fclose
_snprintf

Exports

Exports

Rundll32

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cnshelp
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aebe85b5f9d21ecc04382118154d29b9

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

comctl32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.cnshelp Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.cnshelp
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB