5f155e59e5f86017ac41684b7880512b_JaffaCakes118

General

Target

5f155e59e5f86017ac41684b7880512b_JaffaCakes118
Size

112KB
MD5

5f155e59e5f86017ac41684b7880512b
SHA1

1aab6ad64962d3eaf91930881c1fecf6455d0456
SHA256

3592dd06dd453434d20ad27247901c1723516c21e2ba3f8ebf2b6804330178cd
SHA512

1c6d392301c3a8f90842a075cd684407d2af37a6b8f0b9fa22455fc0c09841ece710a7b0920528f55548fb4140ddc7758299f9fda6adc1670cf9b950bb71e68b
SSDEEP

3072:ZjEy0IzYZ9EAk5pR/nI/bqoofjJiu1ALmVP:24zYkAkp/I/bKfli3yVP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f155e59e5f86017ac41684b7880512b_JaffaCakes118

Files

5f155e59e5f86017ac41684b7880512b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ad68c1939412cf553c1f8af6044b4d02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
WaitForSingleObject
lstrcpyW
SetWaitableTimer
VirtualFree
DuplicateHandle
GetFileAttributesW
TerminateThread
ReadFile
GetProcAddress
CreateThread
SetCurrentDirectoryW
WaitForMultipleObjects
ReadProcessMemory
ResetEvent
FreeLibrary
CreateEventW
LoadLibraryA
GlobalAddAtomW
GetFileSize
FindClose
GetCurrentThread
GetPrivateProfileStringW
CreateWaitableTimerW
SuspendThread
MulDiv
GetSystemTime

user32

LoadBitmapW
DialogBoxParamW
PostMessageW
UpdateWindow
ReleaseCapture
DefWindowProcW
GetWindowThreadProcessId
IsWindow
SetWindowTextW
SystemParametersInfoW
RegisterHotKey
GetSystemMetrics
CreateWindowExW
LoadImageW
CreatePopupMenu
ReleaseDC
GetDlgItem
GetSysColor
LoadCursorW
EnableWindow
SetCursor

gdi32

CreateBitmap
LineTo
CreateICW
GetClipBox
SelectObject
Rectangle
CreateRoundRectRgn
DeleteObject
CreateSolidBrush
GetObjectW
CreateFontIndirectW
CreateDCW
GetDeviceCaps

advapi32

RegSetValueExW
StartServiceW
InitializeSecurityDescriptor

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.pxtonp
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dcjel
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wkmsx
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad68c1939412cf553c1f8af6044b4d02

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.pxtonp Size: 92KB - Virtual size: 89KB

.dcjel Size: 4KB - Virtual size: 1KB

.wkmsx Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.pxtonp
Size: 92KB - Virtual size: 89KB

.dcjel
Size: 4KB - Virtual size: 1KB

.wkmsx
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB