71156a8d5ad86b3c595d3187552d403b_JaffaCakes118

General

Target

71156a8d5ad86b3c595d3187552d403b_JaffaCakes118
Size

44KB
MD5

71156a8d5ad86b3c595d3187552d403b
SHA1

32a84fe5e676cb455e2333b194ce950c6ee996e7
SHA256

772d4ac7cd810d98f4b578539c2f78548d4c65576965831fb3649c18fc3f6a36
SHA512

2b76f81b51d21e7b22a4113aca449f460b540f9891e51a1e9e924da6d896fdf47a2cb5c9bac64ebeed0b63933874d4794bde810ca68a93e80916cbf619f19c80
SSDEEP

768:aLh+ClTOyRxmpkav7FeDUmMEWoJ9gLa1cd:SNT33VyeYEBYLa6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71156a8d5ad86b3c595d3187552d403b_JaffaCakes118

Files

71156a8d5ad86b3c595d3187552d403b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

36c3651a3e1804c4a725d5ab04dd13a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
CloseHandle
GetLastError
CreateMutexA
GetLocalTime
GetModuleFileNameA
VirtualAlloc
CreateProcessA
GetSystemDirectoryA
GetWindowsDirectoryA
WinExec
LoadLibraryA
GetProcAddress
CreateThread

user32

ShowWindow
CreateWindowExA
DefWindowProcA
SetTimer
SetWindowsHookExA
TranslateMessage
DispatchMessageA
UnhookWindowsHookEx
CallNextHookEx
FindWindowExA
PostMessageA
GetMessageA
RegisterClassExA
KillTimer

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

fopen
_adjust_fdiv
malloc
_initterm
free
_except_handler3
atoi
strrchr
strchr
_stricmp
fwrite
fclose
sprintf
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z

wininet

InternetSetOptionA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA

shlwapi

SHGetValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36c3651a3e1804c4a725d5ab04dd13a9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

wininet

shlwapi

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 884B

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 884B