213cd9e94a5b617dfd2d14e3fe4c0bf4_JaffaCakes118

General

Target

213cd9e94a5b617dfd2d14e3fe4c0bf4_JaffaCakes118
Size

116KB
MD5

213cd9e94a5b617dfd2d14e3fe4c0bf4
SHA1

752b487709d77bd863449afd7bd00969c1407b86
SHA256

0609f3cf6041f051f17763c3d6b53c5053600f1700fb7884f71b141842d1e6fc
SHA512

94ba6c07ffed6596926f9a7610be30da3398782547286749dcea70c97f321489c9c2a30e4430a5e8731678dae3e46eba881b495a65de03eb21f59b73c4bf5f66
SSDEEP

3072:QmdSmbBD0cmY0ozUMiupVbr/jlpEG6TS8cf5:Qmj19m0xVP/hpERTdk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
213cd9e94a5b617dfd2d14e3fe4c0bf4_JaffaCakes118

Files

213cd9e94a5b617dfd2d14e3fe4c0bf4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

192ebb6e22d7e2b382fe3467a6f4b105

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
GetLastError
GetProcAddress
InterlockedIncrement
EnterCriticalSection
LoadLibraryA
LocalFree
GetModuleFileNameA
CreateProcessA
GetCommandLineA
GetTickCount
ExitProcess
SetLastError
CopyFileA
WaitForSingleObject
LeaveCriticalSection
CreateDirectoryA
lstrlenA
UnmapViewOfFile
InterlockedCompareExchange
OpenEventA
CreateEventA
CloseHandle
MapViewOfFile
InterlockedDecrement
Sleep
GetModuleHandleA
ReleaseMutex

ole32

CoInitialize
OleCreate
CoCreateGuid
CreateBindCtx
OleSetContainedObject
CoUninitialize

user32

DispatchMessageA
PostQuitMessage
KillTimer
DefWindowProcA
CreateWindowExA
GetWindowLongA
SendMessageA
RegisterWindowMessageA
SetTimer
SetWindowLongA
TranslateMessage
GetParent
PostMessageA
GetSystemMetrics
DestroyWindow
FindWindowA
GetClassNameA
GetMessageA

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA

Exports

Exports

tapiEventxx

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

192ebb6e22d7e2b382fe3467a6f4b105

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB