8670725631987f602814f79f24fb2bde_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8670725631987f602814f79f24fb2bde_JaffaCakes118
Size

252KB
MD5

8670725631987f602814f79f24fb2bde
SHA1

19463e83434a27d46a2d35d2173ac4f664317103
SHA256

6f8fbb3ee055c92eb2dbb9ba19ae346c78ed6925a4cc9f4118ee07cbd7404708
SHA512

25f81afe0054d965844619dd68066d7692fd8e71d60b7a80586fd2be4a411ff9fe3156d5f95b48139ddebf8ffc84d608c2dfd88085dfb70f86f5b8797d86dedd
SSDEEP

6144:s277v3KF7zg7sX+kcyFw7bnOaIaWjoWzYAOxjpS:sUo7zysqJ7bnjImwYAOxjpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8670725631987f602814f79f24fb2bde_JaffaCakes118

Files

8670725631987f602814f79f24fb2bde_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a77bee82dfa64b0a0cba5aacd5d80a4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiA
SetErrorMode
GetModuleFileNameA
lstrlenA
LoadLibraryA
FreeLibrary
GetLastError
GetCurrentThread
GetThreadPriority
SetThreadPriority
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
CloseHandle
CreateEventA
ResetEvent
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
SetEvent
WaitForMultipleObjects
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
InterlockedExchange
CreateThread
GetProcAddress
GetModuleHandleA

user32

MsgWaitForMultipleObjects
wvsprintfA
wsprintfA
PeekMessageA
RegisterWindowMessageA
GetQueueStatus
DispatchMessageA
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcA
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
PostThreadMessageA
SetTimer
KillTimer
GetDlgCtrlID
SendMessageA
GetDlgItem
SetWindowTextA

ole32

StringFromGUID2
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

msvcrt

_purecall
memmove
_CIpow
_CIsinh
malloc
free
_ftol
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z

advapi32

RegCreateKeyA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegSetValueA
RegDeleteKeyA

oleaut32

SysFreeString
SysAllocString

winmm

timeGetTime
timeSetEvent

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a77bee82dfa64b0a0cba5aacd5d80a4e

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

advapi32

oleaut32

winmm

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 4KB - Virtual size: 17KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 4KB

.text Size: 116KB - Virtual size: 116KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 4KB - Virtual size: 17KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 116KB