83eb9be1c53c2180d3d5c991a48111dd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

83eb9be1c53c2180d3d5c991a48111dd_JaffaCakes118
Size

153KB
MD5

83eb9be1c53c2180d3d5c991a48111dd
SHA1

6021e799ba3b74bc8a711cb55fcc6530f2ab0bc7
SHA256

f86bd8acbfe47b71677047d76de133d922fd55a78247bc40fd3d14f3f688edc2
SHA512

f6d7f1b1e989a2e5d8c71f72f42a51ebf68a4654d42d8d53fe389addb4d4c4d8d780637ea65a6942b3fe50b4fb49edee93106122e7c23d33cc45f79e6976764e
SSDEEP

3072:V7pnzdp6qptBK1bMeQBSakHKSs8heMGc+lLw2:VRzXBFewSakJs4eMTYP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83eb9be1c53c2180d3d5c991a48111dd_JaffaCakes118

Files

83eb9be1c53c2180d3d5c991a48111dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5eb16a1a9b0432326ed645b50b2dcda2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

Netbios

sg50de32

_ReadINIInt@8

kernel32

_lread
GetComputerNameA
GetTempFileNameA
DeleteFileA
OpenFile
lstrcmpiA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
lstrlenA
lstrcpyA
_lclose
lstrcatA
_lwrite
GetVersionExA

user32

DefWindowProcA
RegisterClassA
LoadCursorA
CreateWindowExA
UnregisterClassA
DestroyWindow
GetActiveWindow
MessageBoxA
SetTimer
KillTimer
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
PostMessageA

msvcr71

__dllonexit
_lseek
_onexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
strrchr
malloc
_initterm
free
_stricmp

Exports

Exports

_DllMain@12
_DoesUserExist@8
_GetNumberOfUsers@4
_GetStationNameFromNetwork@8
_IsServer@4
_RegisterNetworkApp@28
_SendGlobalMessage@12
_SendReply@16
_SendServerRequest@20
_UnregisterNetworkApp@4

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5eb16a1a9b0432326ed645b50b2dcda2

Headers

File Characteristics

Imports

netapi32

sg50de32

kernel32

user32

msvcr71

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 852B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 968B

.text Size: 136KB - Virtual size: 136KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 852B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 968B

.text
Size: 136KB - Virtual size: 136KB