83209330befccaf1e527ac4de328c92b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83209330befccaf1e527ac4de328c92b_JaffaCakes118
Size

104KB
MD5

83209330befccaf1e527ac4de328c92b
SHA1

fade70a0b10e6c8e9ae25efa1d543e813d3b2af3
SHA256

d0f8023c048c74fc4e1da4724b0c314d96a17804ba9ecd8476d645409505f2bf
SHA512

57b20fbc64b409b01561c874e96ab0f82c20268eaa3603bf97d0927a302ab4cb287b0befc15be807da95a33f169e55a256c4ecb78fb298aa25c04c35e4295826
SSDEEP

1536:wzAoGs4DwYwtBv2nxJX6AnDn9MQMQYZjJVrUG8ZF:RoGs4DUtBKX6AD9M1Xw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83209330befccaf1e527ac4de328c92b_JaffaCakes118

Files

83209330befccaf1e527ac4de328c92b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1b2ca553a912b54e7e99d8d3833fb7e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
HeapAlloc
GetSystemInfo
HeapCreate
DisableThreadLibraryCalls
DebugBreak
HeapFree
lstrlenA
GetStringTypeA
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetTempPathA
GetTickCount
CreateFileA
SizeofResource
WriteFile
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenW
DeleteFileA

msvcrt

memcmp
memcpy
strstr
strlen
strcat

shlwapi

SHDeleteKeyA
SHGetValueA
SHSetValueA

user32

CharLowerBuffA
wvsprintfA

advapi32

RegOpenKeyA
RegEnumKeyA
RegCloseKey

ole32

CLSIDFromString

oleaut32

LoadRegTypeLi
SysStringLen
SysFreeString

atl

ord23
ord15
ord18
ord57
ord16
ord32
ord58
ord30
ord21

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b2ca553a912b54e7e99d8d3833fb7e2

Headers

File Characteristics

Imports

kernel32

msvcrt

shlwapi

user32

advapi32

ole32

oleaut32

atl

Exports

Exports

Sections

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 43KB - Virtual size: 43KB

.reloc Size: 1024B - Virtual size: 846B

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 1024B - Virtual size: 846B