0886b80f8a0a8c4524088b7b22f8c7e0_JaffaCakes118

General

Target

0886b80f8a0a8c4524088b7b22f8c7e0_JaffaCakes118
Size

28KB
MD5

0886b80f8a0a8c4524088b7b22f8c7e0
SHA1

7e0f58114daefd5510170b858e508c9e144a0bfd
SHA256

19faa5fff1d3e911fe10e2ba4bc7a06ec200a03b1683043a2cc81c8bfa49066d
SHA512

1f4774da20a1ce1e25d579033a73c68c7dc548c66cf53c49ee76e240d62ba976d9837863d4807fefbe50c098815695b81e09b88b4f5c407d76ac0c255e52ea47
SSDEEP

384:wCOakr/tFPecEISvwsDP/xnkcJVqWWIH6WiWIH6WMt0:wOi/tFPe1v7DP/xnkcJVqwIJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0886b80f8a0a8c4524088b7b22f8c7e0_JaffaCakes118

Files

0886b80f8a0a8c4524088b7b22f8c7e0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d0938a3ee62ea6a11e89ccdb0b0a5c08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfA
LoadStringA
CharNextA
CharPrevA

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

kernel32

LocalFree
DeleteFileA
lstrcatA
FindClose
lstrcpyA
lstrcpynA
WritePrivateProfileStringA
WideCharToMultiByte
GetFileAttributesA
GetPrivateProfileIntA
FindFirstFileA
lstrcmpiA
lstrlenA
GetPrivateProfileStringA
LocalAlloc
SetFileAttributesA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

setupapi

SetupFindNextLine
SetupFindFirstLineA
SetupOpenInfFileA
SetupCloseLog
SetupLogErrorA
SetupCloseInfFile
SetupGetLineTextA
SetupOpenLog

Exports

Exports

DllMain
Initialize9x
InitializeNT
MigrateSystem9x
MigrateSystemNT
MigrateUser9x
MigrateUserNT
QueryVersion

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d0938a3ee62ea6a11e89ccdb0b0a5c08

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

version

setupapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 368B

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 656B

.text Size: 160KB - Virtual size: 160KB

.text
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 368B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 656B

.text
Size: 160KB - Virtual size: 160KB