943d4a837790feac7b8f0acb9b7a614f_JaffaCakes118

General

Target

943d4a837790feac7b8f0acb9b7a614f_JaffaCakes118
Size

70KB
MD5

943d4a837790feac7b8f0acb9b7a614f
SHA1

617c893d40dda9c78b6dd4e0f3ec7f50db74a89c
SHA256

7f79ffbee6bcb66138dbd3abfb26d885b495895e6acb85b899d408c1461e6bdf
SHA512

115c024f9cf7ff6404cabfa32df818dc4f8677523076e3325689fe712cdd1f06c084500f3e1952b036db3c14d8a03c9c461965a7eb66e757cff4892c18329fc9
SSDEEP

1536:KdllqCiLmCaruj1QJClNxMu8LlcAM8kVuT13+HiyWky:GllMouSQPmJLW3AuCwy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
943d4a837790feac7b8f0acb9b7a614f_JaffaCakes118

Files

943d4a837790feac7b8f0acb9b7a614f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6772c4b6642b88de3cdc3f8f2d295dc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegEnumValueW
RegOpenKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageW
ord17
PropertySheetW

kernel32

lstrcatW
lstrcpyW
WriteProfileStringW
lstrcmpiW
GetProfileStringW
FormatMessageW
BuildCommDCBW
GetLastError
lstrcpynW
LocalAlloc
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap

ntdll

memmove
RtlUnwind

setupapi

SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo

user32

SetWindowLongW
WinHelpW
DefDlgProcW
EndDialog
ShowWindow
EnableWindow
SendMessageW
LoadStringW
GetWindowLongW
wsprintfW
SendNotifyMessageW
GetParent
MessageBoxIndirectW
GetDlgItem

Exports

Exports

drvCommConfigDialogA
drvCommConfigDialogW
drvGetDefaultCommConfigA
drvGetDefaultCommConfigW
drvSetDefaultCommConfigA
drvSetDefaultCommConfigW

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 866B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6772c4b6642b88de3cdc3f8f2d295dc0

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

ntdll

setupapi

user32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 56KB - Virtual size: 56KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 866B

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 866B