8d3824c3518a983fa1d80010890d65c2_JaffaCakes118

General

Target

8d3824c3518a983fa1d80010890d65c2_JaffaCakes118
Size

44KB
MD5

8d3824c3518a983fa1d80010890d65c2
SHA1

3fa6a5a583d48fe24609a8daa4503b70442dedad
SHA256

c7f5d5c733dd7ecabd0bd77c3a6dea1fe3e26c7837204b100cc9c7337571602f
SHA512

72c020b1ba1ad62a166f4ab6639dc3d53a657395bbfbf08e2feb043bd096ea93a99e41b24b68656096fedd8d65162b3c75c144817e2a88e6d947b135a4774b6d
SSDEEP

768:1pkavcicWDJBLzMn2O35ECI7dJCgLa1c:8DZKriECY7LaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d3824c3518a983fa1d80010890d65c2_JaffaCakes118

Files

8d3824c3518a983fa1d80010890d65c2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

62c3c3fff1bfe63475b964b01e5bc2db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CreateProcessA
GetModuleFileNameA
GetLocalTime
InterlockedIncrement
CreateMutexA
WinExec
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
VirtualAlloc
CreateThread
CloseHandle
GetSystemDirectoryA

user32

DefWindowProcA
ShowWindow
CreateWindowExA
SetWindowsHookExA
FindWindowExA
SetTimer
UnhookWindowsHookEx
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
KillTimer
PostMessageA
CallNextHookEx

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

fclose
_adjust_fdiv
malloc
_initterm
free
atoi
strchr
fopen
fwrite
_stricmp
strrchr
_except_handler3
sprintf
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z

shlwapi

SHGetValueA

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62c3c3fff1bfe63475b964b01e5bc2db

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

shlwapi

wininet

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 876B

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 876B