24bc8e986a5603e74efd9598952dbc50_JaffaCakes118

General

Target

24bc8e986a5603e74efd9598952dbc50_JaffaCakes118
Size

44KB
MD5

24bc8e986a5603e74efd9598952dbc50
SHA1

e96f684b6adf1e23f16fd52993b842ae37118f76
SHA256

5db89feac3df5c19d4b8a08bf502ebfce96aa42423c947d19d9e6f0749da9dd7
SHA512

1ba34efbda27cefec49755da337e8dd3e6b23393d2a57c281bb477536d7a1cb4ccb74d0c0797002205a0637b5b965b8cf7a76120747baab986d95d70581b77dc
SSDEEP

768:m9EpBts9rUVZ83Jtpkavx0nshR3IpgLa1mzV:6wHEJ0K0nstTLakz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24bc8e986a5603e74efd9598952dbc50_JaffaCakes118

Files

24bc8e986a5603e74efd9598952dbc50_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d140afaecff335a7cd570e078682576c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
InterlockedIncrement
VirtualAlloc
CreateMutexA
GetSystemDirectoryA
GetLocalTime
WinExec
GetWindowsDirectoryA
GetLastError
GetModuleFileNameA
LoadLibraryA
CreateThread
CloseHandle
CreateProcessA

user32

SetTimer
KillTimer
SetWindowsHookExA
RegisterClassExA
DefWindowProcA
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowExA
PostMessageA
CreateWindowExA
CallNextHookEx
UnhookWindowsHookEx
ShowWindow

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

msvcrt

atoi
_adjust_fdiv
malloc
_initterm
free
strchr
fopen
fwrite
fclose
_stricmp
_except_handler3
strrchr
sprintf
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z

shlwapi

SHGetValueA

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d140afaecff335a7cd570e078682576c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

shlwapi

wininet

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 884B

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 884B