0d40fae4687819741d00f18bde9d955e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d40fae4687819741d00f18bde9d955e_JaffaCakes118
Size

77KB
MD5

0d40fae4687819741d00f18bde9d955e
SHA1

beaaa7c08eef70ae1445b81b4ea6a100e8d53007
SHA256

d27423465f830e0a63dcdad947dba28790f5c26a198b7b29510475ddbb0b750d
SHA512

7579064895ceaa80f2ee561d55d1cbc0beada5eb9bdd193c592e429418d3901bf7f8b03aa152b59fd549902eac1701b271002f66edd42c7a9b8522022cb5f4b5
SSDEEP

1536:5nMMbdYcx8jkd1/ZYpcYUNgpDVDBb4Bc/vPQ/j0Mc075sGSKxEIwg8Xv7XBZ7u:5LR7xYw1OgNAoBcg0McOyK6Iwg8f7C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d40fae4687819741d00f18bde9d955e_JaffaCakes118

Files

0d40fae4687819741d00f18bde9d955e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d86d9109d23f32c7fde77d7075a26487

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

GetKeyboardType
MessageBoxA

advapi32

RegQueryValueExA

oleaut32

SysFreeString

wsock32

WSACleanup

urlmon

URLDownloadToFileW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspr0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspr1
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.aspr2
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tmd0
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d86d9109d23f32c7fde77d7075a26487

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

wsock32

urlmon

Exports

Exports

Sections

CODE Size: - Virtual size: 31KB

DATA Size: - Virtual size: 328B

BSS Size: - Virtual size: 1KB

.idata Size: - Virtual size: 2KB

.edata Size: - Virtual size: 162B

.aspr0 Size: - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 512B

.aspr1 Size: - Virtual size: 20KB

.aspr2 Size: 74KB - Virtual size: 74KB

.tmd0 Size: 512B - Virtual size: 204B

.reloc Size: 512B - Virtual size: 204B

CODE
Size: - Virtual size: 31KB

DATA
Size: - Virtual size: 328B

BSS
Size: - Virtual size: 1KB

.idata
Size: - Virtual size: 2KB

.edata
Size: - Virtual size: 162B

.aspr0
Size: - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 512B

.aspr1
Size: - Virtual size: 20KB

.aspr2
Size: 74KB - Virtual size: 74KB

.tmd0
Size: 512B - Virtual size: 204B

.reloc
Size: 512B - Virtual size: 204B