179328b09fae3dbd9dd0835e7206d8aa_JaffaCakes118

General

Target

179328b09fae3dbd9dd0835e7206d8aa_JaffaCakes118
Size

142KB
MD5

179328b09fae3dbd9dd0835e7206d8aa
SHA1

5d4df37fa6fb29e4e28dd1052d636fedefe8a8ba
SHA256

54bffa321c7f3afc40c49ffaed78c4cb812f5e7f31f92e41fb744af22da4fa7e
SHA512

681dd61bed1299b6ef9d60794bf926b32f992e05e543006d12ae1bc01c1e64d31bd80be2f9ec966206a518da1a1a0ac2fa2544df5c778c812e024a1855349233
SSDEEP

3072:ieCEj0saIRJmJmqFEOlHyP708m92oKiqRWnB9wo:ieCExcF/lSgx9rUuj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179328b09fae3dbd9dd0835e7206d8aa_JaffaCakes118

Files

179328b09fae3dbd9dd0835e7206d8aa_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

79a6c50e30330593d2708d97e687698b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DestroyMenu
DestroyCaret
DeleteMenu
CreatePopupMenu
CreateMDIWindowA
CreateIconFromResourceEx
CreateDialogIndirectParamA
CreateDesktopA
CreateCursor
CreateAcceleratorTableA
CharUpperBuffA
BeginPaint
ActivateKeyboardLayout

kernel32

GetLastError
lstrcpynA
lstrcmpiA
VirtualFree
TlsSetValue
Sleep
SetLastError
SetCurrentDirectoryA
RtlUnwind
ReadFile
RaiseException
OpenFileMappingA
OpenFile
MapViewOfFile
EnterCriticalSection
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetSystemTime
LeaveCriticalSection
LocalAlloc

Exports

Exports

A075FFBB2BE2F4b1dB4ABA49FBCC7AC23
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NotifyLogon
NotifyShutdown
NotifyStartup
ah

Sections

.text
Size: 16KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 121KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79a6c50e30330593d2708d97e687698b

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 232KB

.data Size: 121KB - Virtual size: 124KB

.rsrc Size: 1KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.data Size: - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 232KB

.data
Size: 121KB - Virtual size: 124KB

.rsrc
Size: 1KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.data
Size: - Virtual size: 4KB