6fc6f9ae9f46fdbf9109a4aaea604352_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6fc6f9ae9f46fdbf9109a4aaea604352_JaffaCakes118
Size

821KB
MD5

6fc6f9ae9f46fdbf9109a4aaea604352
SHA1

408692ef949f2b66c5a42c7308a1c0ca07af6b24
SHA256

60b70f702dfba376ac90ee65881a40f1c85d28eeff1fbaf8c0555f1da5d408a8
SHA512

ae8b607ee13bcaa9dbe66ed248d4a48d1d84c2691e08805f3c439a0eee2ae083d561f27d0156e0833f75387308e52c38601777759adbf1c7a4f00749ac6a5c29
SSDEEP

24576:7AYDn9Xvmp7mscgNV0s6DH0A4f6W8viFBCYm:P9fc7dcgXxGH0l6h+B9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fc6f9ae9f46fdbf9109a4aaea604352_JaffaCakes118

Files

6fc6f9ae9f46fdbf9109a4aaea604352_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f9fec50bafa2f26c7acb4b87aed65e0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

SHFileOperationA

urlmon

URLDownloadToFileA

comdlg32

GetOpenFileNameA

netapi32

Netbios

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 258KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 497KB - Virtual size: 502KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f9fec50bafa2f26c7acb4b87aed65e0c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

ole32

comctl32

shell32

urlmon

comdlg32

netapi32

Exports

Exports

Sections

CODE Size: 258KB - Virtual size: 756KB

.edata Size: 512B - Virtual size: 170B

.reloc Size: 53KB - Virtual size: 53KB

.rsrc Size: 497KB - Virtual size: 502KB

.rsrc Size: 9KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 512B

CODE
Size: 258KB - Virtual size: 756KB

.edata
Size: 512B - Virtual size: 170B

.reloc
Size: 53KB - Virtual size: 53KB

.rsrc
Size: 497KB - Virtual size: 502KB

.rsrc
Size: 9KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 512B