244bbac67c4d628fb5d7ee4d37664535_JaffaCakes118

General

Target

244bbac67c4d628fb5d7ee4d37664535_JaffaCakes118
Size

140KB
MD5

244bbac67c4d628fb5d7ee4d37664535
SHA1

05745e4ab46022a3ed948663d9a9624b231bc569
SHA256

7836c896bab11325e9e787173fe213276b687689dbef7946a5bd7a620146762c
SHA512

d79b46f6b439ca5a383b8485ea87424b31eb7cfd362453aa53079d95991cf793971e0bc0470b79525cb6d62560280d592449725c55d4a6e5ce4cd6c2c7635fb1
SSDEEP

3072:kq/qOjzeCUmH9U9VigiSVg5IBalkIaGX5eeUKP:Z3eCUqleg5JvneeU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
244bbac67c4d628fb5d7ee4d37664535_JaffaCakes118

Files

244bbac67c4d628fb5d7ee4d37664535_JaffaCakes118
.dll windows:4 windows x86 arch:x86

477b73b545b41e6b3251342fd470878e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
lstrlenA
UnmapViewOfFile
InterlockedDecrement
WaitForSingleObject
CloseHandle
InterlockedCompareExchange
GetTickCount
CreateDirectoryA
EnterCriticalSection
GetCommandLineA
CreateEventA
MapViewOfFile
GetModuleHandleA
CreateProcessA
ReleaseMutex
SetLastError
Sleep
ExitProcess
lstrlenW
CopyFileA
OpenEventA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetLastError
LocalFree
LeaveCriticalSection

ole32

CoInitialize
OleSetContainedObject
CoUninitialize
CreateBindCtx
OleCreate
CoCreateGuid

user32

PostMessageA
FindWindowA
PostQuitMessage
GetSystemMetrics
DispatchMessageA
KillTimer
TranslateMessage
SendMessageA
CreateWindowExA
GetParent
SetWindowLongA
DefWindowProcA
GetMessageA
DestroyWindow
SetTimer
RegisterWindowMessageA
GetWindowLongA
GetClassNameA

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA

Exports

Exports

iTunesPadAgent

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

477b73b545b41e6b3251342fd470878e

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB