8e8374ef0a445b6f709327b692a7510a_JaffaCakes118

General

Target

8e8374ef0a445b6f709327b692a7510a_JaffaCakes118
Size

12KB
MD5

8e8374ef0a445b6f709327b692a7510a
SHA1

af89764c4e76cf60b48ce9c104aced7232682915
SHA256

24bead48c9bebba74e1801b34e3fbb535405d621375ea70643d7b3d0a85e47ca
SHA512

b53aa99ecc27783bedd9239371b868fc69c87e11d40424131e701d83fad3f55ffc714700e7d68ae3d2825e73f9d153807875738cc034dd39881dcdf459797ed1
SSDEEP

384:QBhc1spSm0O0mUqWlrqbbV+ujzlX+M7iF:eLn0O0mgmX8EOX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e8374ef0a445b6f709327b692a7510a_JaffaCakes118

Files

8e8374ef0a445b6f709327b692a7510a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4c2850be4581cf8684ecefa56a5d4e10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

RegisterClassExA
SetWindowTextA
TranslateAcceleratorA
TranslateMessage
PostQuitMessage
LoadCursorA
SetTimer
LoadIconA
SetWindowPos
LoadAcceleratorsA
KillTimer
GetMessageA
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
BeginPaint

kernel32

lstrcpynA
WaitForSingleObject
TerminateProcess
RtlZeroMemory
LoadLibraryA
GetVersionExA
GetTempPathA
GetTempFileNameA
GetProcAddress
GetModuleFileNameA
CloseHandle
CreateThread
DeleteFileA
GetLongPathNameA

msvcrt

fwrite
strlen
strcpy
strcat
fseek
fread
fopen
fclose
atoi
_strlwr

shlwapi

PathFileExistsA
StrStrA

shell32

Shell_NotifyIconA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey

Exports

Exports

aab
all
allert2
fgllert
load
windows

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 402B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c2850be4581cf8684ecefa56a5d4e10

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

shlwapi

shell32

advapi32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 402B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 402B