331f804f7896134b7c2a15e83a6d52b3_JaffaCakes118

General

Target

331f804f7896134b7c2a15e83a6d52b3_JaffaCakes118
Size

124KB
MD5

331f804f7896134b7c2a15e83a6d52b3
SHA1

1335cb658e219e5a547627831f9194557f7a914c
SHA256

f24761fd5fc5e367215ca80c5343f76e7372852ac2c10acae277c0f2f2a42381
SHA512

b2ce4515627e240d51a06af7beae309c517caef1b43ff9403e95c0df74d60e59d7f3d1e8e31148859db3a9dfea332bcc4fdd989e61e8be9b21d068f3db7935df
SSDEEP

3072:kFp7dZ+9g96cdIiMw1+F+bumtI8LoEvrY4o5LaIr:0pdZAc8dobtIGoJ4WL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
331f804f7896134b7c2a15e83a6d52b3_JaffaCakes118

Files

331f804f7896134b7c2a15e83a6d52b3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bf44e0a34603e174ce994f121359a7de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenEventA
Sleep
InterlockedCompareExchange
ExitProcess
GetLastError
GetCommandLineA
LoadLibraryA
GetTickCount
CreateDirectoryA
CopyFileA
InterlockedIncrement
CloseHandle
lstrlenA
MapViewOfFile
LocalFree
SetLastError
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
UnmapViewOfFile
InterlockedDecrement
LeaveCriticalSection
lstrlenW
CreateEventA
EnterCriticalSection
ReleaseMutex

ole32

CoInitialize
CoUninitialize
OleCreate
OleSetContainedObject
CreateBindCtx
CoCreateGuid

user32

FindWindowA
DefWindowProcA
GetClassNameA
DestroyWindow
PostMessageA
SendMessageA
CreateWindowExA
KillTimer
SetTimer
DispatchMessageA
RegisterWindowMessageA
GetParent
PostQuitMessage
GetWindowLongA
GetMessageA
TranslateMessage
GetSystemMetrics
SetWindowLongA

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

Exports

Exports

eventMainnet

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf44e0a34603e174ce994f121359a7de

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB