8825b71cd9b3a198eb59b2eb292b3f16_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8825b71cd9b3a198eb59b2eb292b3f16_JaffaCakes118
Size

132KB
MD5

8825b71cd9b3a198eb59b2eb292b3f16
SHA1

01d435eba96f43825658e8c51013055906ec9701
SHA256

d8d5237ccde5e6d25489e2329fc1e2a5a57e543bfb90a292951ea471fab3bc9c
SHA512

fd49efd433bef71528a0f46ef71cf4351b0c3170edae3643750a11dd74eeba607027c4be9262603f93e12e60130054095689e2ea452365edd4f5f21d235b7850
SSDEEP

3072:1DusSrbh3itqXd6qL6z1JpgS+pz2Zzakxs2imnmD8gJD:YsGbhSEXd6qLYJgBz21akRiuO8gN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8825b71cd9b3a198eb59b2eb292b3f16_JaffaCakes118

Files

8825b71cd9b3a198eb59b2eb292b3f16_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7e62333301cd02549753b9c93204faf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

SetPixel

wsock32

WSACleanup

wininet

InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

#
Size: - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

(
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

"
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

&
Size: - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

"
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e62333301cd02549753b9c93204faf8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

wsock32

wininet

Exports

Exports

Sections

# Size: - Virtual size: 143KB

( Size: - Virtual size: 3KB

5 Size: - Virtual size: 6KB

" Size: - Virtual size: 3KB

& Size: - Virtual size: 209B

4 Size: - Virtual size: 10KB

" Size: 512B - Virtual size: 4KB

= Size: - Virtual size: 20KB

8 Size: 130KB - Virtual size: 129KB

6 Size: 512B - Virtual size: 148B

#
Size: - Virtual size: 143KB

(
Size: - Virtual size: 3KB

5
Size: - Virtual size: 6KB

"
Size: - Virtual size: 3KB

&
Size: - Virtual size: 209B

4
Size: - Virtual size: 10KB

"
Size: 512B - Virtual size: 4KB

=
Size: - Virtual size: 20KB

8
Size: 130KB - Virtual size: 129KB

6
Size: 512B - Virtual size: 148B