5b79002805b0bd054da1d32f8c1d1887_JaffaCakes118

General

Target

5b79002805b0bd054da1d32f8c1d1887_JaffaCakes118
Size

12KB
MD5

5b79002805b0bd054da1d32f8c1d1887
SHA1

1a9b45b8d56344a40fcefab2b1d9c1c90cfe2557
SHA256

91348cffe0810c20b9dfa8b86c7944b6119504055fb1ad97c664b2aba529d4fd
SHA512

f009715d782cebf1fefcf91374bd057506d6b34ed1c822726220ef9bdd931ec7ab2de250a75b875991ce56d0bfbc547b01b1fad53108e8c341df9c34889b30f1
SSDEEP

384:D3K8+mAYusPNJeoBHQ/IGgnTZkBCzNY+W5s:D3K8nFTHnrvZkBCm+W5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b79002805b0bd054da1d32f8c1d1887_JaffaCakes118

Files

5b79002805b0bd054da1d32f8c1d1887_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

14ef32cde2122a9b44befeb04bcd3745

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
??2@YAPAXI@Z
strrchr
??3@YAXPAX@Z
srand
rand
_strupr
strstr
sprintf
_CxxThrowException
_except_handler3
?terminate@@YAXXZ

kernel32

LocalFree
CreateThread
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
CreateMutexA
ExitProcess
CreateFileA
lstrlenA
MoveFileExA
GetCurrentProcess
Process32First
GetTickCount
ExpandEnvironmentStringsA
WriteFile
OpenProcess
TerminateThread
Sleep
TerminateProcess
FindFirstFileA
GetLastError
SetFileAttributesA
FindClose
Process32Next
GetModuleFileNameA
FindNextFileA

user32

ShowWindow
SendMessageA
FindWindowA
wsprintfA
FindWindowExA

advapi32

RegCloseKey
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken

shell32

ShellExecuteA

wininet

InternetCloseHandle
InternetOpenA
InternetReadFile
InternetOpenUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14ef32cde2122a9b44befeb04bcd3745

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

wininet

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 220B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 220B

.reloc
Size: 1KB - Virtual size: 1KB