3a3459d96e8ba0b66610b2b464f47428_JaffaCakes118

General

Target

3a3459d96e8ba0b66610b2b464f47428_JaffaCakes118
Size

128KB
MD5

3a3459d96e8ba0b66610b2b464f47428
SHA1

b6d86adb606d9525e3b4a673131d0de2034dafde
SHA256

402a2b20f6dc0088089af6d609be1d72f95010d1ef7f2153c38b43292f6b4fc1
SHA512

932fb894187c3b9777795f3546a145652948f3ae29324c79d298ac01f63110f4392be7f3520c991d1b44d1af6a0ead14fe3765ff6e26584b80f7acb04fc03bdf
SSDEEP

3072:DhUQo/xkKahwTtO2SIQ9XUnKfjz0xfjIX1P:yQEkKa+TIjrfH7X1P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a3459d96e8ba0b66610b2b464f47428_JaffaCakes118

Files

3a3459d96e8ba0b66610b2b464f47428_JaffaCakes118
.dll windows:4 windows x86 arch:x86

43aabea01d2cc61e9d9a4595fb890437

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
CopyFileA
CloseHandle
Sleep
LocalFree
CreateDirectoryA
UnmapViewOfFile
SetLastError
LoadLibraryA
InterlockedDecrement
CreateEventA
GetModuleHandleA
GetLastError
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
WaitForSingleObject
GetTickCount
InterlockedIncrement
CreateProcessA
ReleaseMutex
MapViewOfFile
GetModuleFileNameA
InterlockedCompareExchange
OpenEventA
GetProcAddress
ExitProcess
lstrlenW

ole32

OleSetContainedObject
CoUninitialize
CoCreateGuid
CoInitialize
CreateBindCtx
OleCreate

user32

DestroyWindow
GetWindowLongA
FindWindowA
DefWindowProcA
CreateWindowExA
GetSystemMetrics
PostMessageA
SendMessageA
PostQuitMessage
GetParent
RegisterWindowMessageA
TranslateMessage
KillTimer
DispatchMessageA
SetTimer
GetMessageA
SetWindowLongA
GetClassNameA

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA

Exports

Exports

AppleCommsmm

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43aabea01d2cc61e9d9a4595fb890437

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB