89a4ba0e047b190aec3c0c6c4c9aaf04_JaffaCakes118

General

Target

89a4ba0e047b190aec3c0c6c4c9aaf04_JaffaCakes118
Size

16KB
MD5

89a4ba0e047b190aec3c0c6c4c9aaf04
SHA1

b8f746b8e35e9be0752cc3f83422cfa3b0236d94
SHA256

d303a8c6a587023b8f8d58b15f49591f459770752163ac446ec0914ad7d4f230
SHA512

b96b6be9e66dc0e0bd168dd4328d1e941c69d98329f7b94d311f98ca86e2812bae9612e4c8a4dc7063c414cf785cdd38a467e7894e08d6e14cde6642acb40b74
SSDEEP

384:JToFqJNvOmiA7eMXVc7ZBTSN9iKSVbKy/zb5ht5NcuQPDG:uq7XiA7eMlclB2qKSbrbXt5Ncu+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89a4ba0e047b190aec3c0c6c4c9aaf04_JaffaCakes118

Files

89a4ba0e047b190aec3c0c6c4c9aaf04_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6ef5f07f62cf05fb2281f46306f6692d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
lstrcatA
lstrcmpA
SetFilePointer
CreateEventA
GetProcAddress
GetTempPathA
GetFileAttributesA
HeapReAlloc
HeapFree
ResetEvent
GetLastError
GetSystemDefaultLCID
GlobalFree
GetUserDefaultLCID
GetProcessHeap
HeapAlloc
GlobalAlloc
lstrcpynA
lstrcpyA
GetModuleHandleA
lstrlenA

user32

ShowWindow
wsprintfA
CallWindowProcA
DestroyWindow
EnableWindow
CreateWindowExW
RegisterWindowMessageA
SetDlgItemTextA
MessageBoxA
wsprintfW
SetWindowTextA
SendMessageA
GetDlgItem
GetFocus
IsWindowVisible
SetWindowLongA
GetClientRect
GetWindowRect
CreateWindowExA
GetWindowLongA
GetTopWindow

advapi32

RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

wininet

InternetSetFilePointer
InternetCloseHandle
InternetOpenA
InternetConnectA
HttpOpenRequestA

Exports

Exports

e
l
r

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ef5f07f62cf05fb2281f46306f6692d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB