3a7c26d8bff657f214bc68f93980b0c5_JaffaCakes118

General

Target

3a7c26d8bff657f214bc68f93980b0c5_JaffaCakes118
Size

136KB
MD5

3a7c26d8bff657f214bc68f93980b0c5
SHA1

2fbcc8a20d83b820909d80e351bc27d5af175858
SHA256

1e63f86b6296a3c6ea35692a971dac645941be310b96edc054ec6708eb744c5e
SHA512

3146dac65d7551571a862ab4676925365fa41dba989af64fb73ca1ea44753d3b576cbc47dd02df89710acdd9fdc7a1d52dd44d38ecd60c218e583ac5d926bcad
SSDEEP

3072:pTYXqIr8alipcbscUvg3sQKnFyUp4jron8w8uFLYoLbLQb8:pPIaFcU0sQKFP8HuBPQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a7c26d8bff657f214bc68f93980b0c5_JaffaCakes118

Files

3a7c26d8bff657f214bc68f93980b0c5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

02f00339f5800ec895858248a10af99b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
CopyFileA
CreateDirectoryA
LocalFree
MapViewOfFile
CloseHandle
Sleep
GetModuleHandleA
GetModuleFileNameA
UnmapViewOfFile
InterlockedCompareExchange
CreateEventA
GetTickCount
CreateProcessA
InterlockedIncrement
ExitProcess
GetLastError
GetCommandLineA
SetLastError
lstrlenA
ReleaseMutex
OpenEventA
LeaveCriticalSection
InterlockedDecrement
LoadLibraryA
WaitForSingleObject
GetProcAddress
EnterCriticalSection

ole32

OleCreate
CoUninitialize
CoCreateGuid
CoInitialize
CreateBindCtx
OleSetContainedObject

user32

SetWindowLongA
FindWindowA
PostQuitMessage
KillTimer
PostMessageA
DispatchMessageA
GetSystemMetrics
GetMessageA
DestroyWindow
RegisterWindowMessageA
TranslateMessage
GetWindowLongA
SetTimer
CreateWindowExA
SendMessageA
GetParent
DefWindowProcA
GetClassNameA

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

Exports

Exports

DevPadusb

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02f00339f5800ec895858248a10af99b

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB