609b97a4db14371294c02f0a46a4fdba_JaffaCakes118

General

Target

609b97a4db14371294c02f0a46a4fdba_JaffaCakes118
Size

124KB
MD5

609b97a4db14371294c02f0a46a4fdba
SHA1

4a7031b2a35e050efedc263387a12874067092f2
SHA256

0a34d67cff8bc4f1b96f454ea6725de164613c006943bc39738677d9584dfa3e
SHA512

3fcd76037694c6b8768d1ecb2cb360b5522e95b558a76a607b9e37d04d6c2e277731bf34ba44ae4e54b92dcd348af920ecde66bc2823b8890a78882bd0a60f84
SSDEEP

3072:HodBk9QwPuE/QJZSabFh+oJTd/WOdwYLKFHR6Yl73:HoLk9nQbSabied+OmYLKFHMY13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
609b97a4db14371294c02f0a46a4fdba_JaffaCakes118

Files

609b97a4db14371294c02f0a46a4fdba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f4486deace40c387456a41010b806ee7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
CloseHandle
LeaveCriticalSection
GetProcAddress
CreateProcessA
GetModuleFileNameA
Sleep
InterlockedDecrement
WaitForSingleObject
ExitProcess
SetLastError
GetTickCount
LoadLibraryA
lstrlenA
EnterCriticalSection
CreateDirectoryA
GetModuleHandleA
UnmapViewOfFile
GetCommandLineA
InterlockedCompareExchange
lstrlenW
ReleaseMutex
OpenEventA
LocalFree
InterlockedIncrement
GetLastError
CopyFileA
MapViewOfFile

ole32

OleCreate
CreateBindCtx
CoUninitialize
CoInitialize
OleSetContainedObject
CoCreateGuid

user32

KillTimer
FindWindowA
PostQuitMessage
DispatchMessageA
CreateWindowExA
SendMessageA
DestroyWindow
SetTimer
DefWindowProcA
GetSystemMetrics
GetWindowLongA
RegisterWindowMessageA
PostMessageA
GetMessageA
GetClassNameA
GetParent
SetWindowLongA
TranslateMessage

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueExA

Exports

Exports

usbMouse32

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4486deace40c387456a41010b806ee7

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB