75da9a4b27d2f6078597642e6aad958b_JaffaCakes118

General

Target

75da9a4b27d2f6078597642e6aad958b_JaffaCakes118
Size

32KB
MD5

75da9a4b27d2f6078597642e6aad958b
SHA1

07bbe282d8860c7f571ae192727960d76f28d965
SHA256

f501c1b9e6120fd514567198bca020bd7738fb00f32ba88d19e6855eb2395cb5
SHA512

59a805f07ad867888f772d0683de6ac935ed9dca25cc0e18b202be926ca03e527264349a1010b3603ef9bc3cf561cf6e4cdcec039800612b7e3bba3ffffbe07f
SSDEEP

384:Sk9jJDZg3eMD5zBctgaO3VBaep0LMKOKd295YIcU61+Wp:tMHD5Fctgapem8Kdy5YIcUOh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75da9a4b27d2f6078597642e6aad958b_JaffaCakes118

Files

75da9a4b27d2f6078597642e6aad958b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

957337aff65cbfc3a404672f468880b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
HeapReAlloc
GetFileAttributesA
GetTempPathA
MultiByteToWideChar
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
lstrcatA
lstrcmpA
SystemTimeToFileTime
GetSystemTime
HeapAlloc
CreateEventA
GetModuleHandleA
PulseEvent
GetProcessHeap
GetProcAddress
FreeLibrary
LoadLibraryA
GetLastError
GlobalFree
GlobalAlloc
lstrcpynA
lstrcpyA
SetFilePointer

user32

RegisterWindowMessageA
SetWindowLongA
SetDlgItemTextA
MessageBoxA
SetWindowTextA
EndPaint
BeginPaint
IsChild
AnyPopup
ShowWindow
SendMessageA
GetDlgItem
GetFocus
GetClientRect
GetWindowRect
CreateWindowExA
GetWindowLongA
CreateWindowExW
EnableWindow
DestroyWindow
CallWindowProcA
wsprintfA
IsWindowVisible

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

wininet

InternetCloseHandle
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetSetFilePointer

Exports

Exports

check
copy
run

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

957337aff65cbfc3a404672f468880b1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB