27464f152f486c4c5ca4243afbdd638d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

27464f152f486c4c5ca4243afbdd638d_JaffaCakes118
Size

12KB
MD5

27464f152f486c4c5ca4243afbdd638d
SHA1

f6b783fac24a2a5146df8596931748955583397b
SHA256

87230cf79d340aa16f50313e24df176002489d439f44f863dd3611ca14c6ad32
SHA512

7bd1a05394602ea0bfe0339af15953adaf5839472e77b5641264108dfe57b82b8d2718e63d3925b34164c329b74704ba5b1b8f40d06ed1c904b9863d8aea48cc
SSDEEP

192:MACz6lQFPnoaATzFczWkrvpzfrbDGReNlds3lx4pSXCSaEuxHylTPIyBOg:MACz6lCPnopGz9rvBKeNlSsylWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27464f152f486c4c5ca4243afbdd638d_JaffaCakes118

Files

27464f152f486c4c5ca4243afbdd638d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9e68165def738c65fe460e1921446f87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
HeapAlloc
GetSystemInfo
HeapCreate
DisableThreadLibraryCalls
DebugBreak
HeapFree
lstrlenA
GetStringTypeA
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetTempPathA
GetTickCount
CreateFileA
SizeofResource
WriteFile
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenW
DeleteFileA

msvcrt

memcmp
memcpy
strlen
strstr
strcat

shlwapi

SHDeleteKeyA
SHGetValueA
SHSetValueA

user32

CharLowerBuffA
wvsprintfA

advapi32

RegOpenKeyA
RegEnumKeyA
RegCloseKey

ole32

CLSIDFromString

oleaut32

LoadRegTypeLi
SysStringLen
SysFreeString

atl

ord23
ord15
ord18
ord57
ord16
ord32
ord58
ord30
ord21

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e68165def738c65fe460e1921446f87

Headers

File Characteristics

Imports

kernel32

msvcrt

shlwapi

user32

advapi32

ole32

oleaut32

atl

Exports

Exports

Sections

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 1024B - Virtual size: 842B

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 1024B - Virtual size: 842B