9420a6f73cfe300319f247711d3cee06_JaffaCakes118

General

Target

9420a6f73cfe300319f247711d3cee06_JaffaCakes118
Size

120KB
MD5

9420a6f73cfe300319f247711d3cee06
SHA1

65efa90387cc4e63db3ea35295d559d421742728
SHA256

10dced2072fc1a263d91c95ff81acac83759763cd28524065fd0e7b98b27ae28
SHA512

837b621d031ccf9521e5569a182f35b967fc56f7f897e944628d5590ebfbd0c7d8fd00a2226aa5375ca810bf4f43b68ac9b20c914a8074c390e0c61197c2d98c
SSDEEP

1536:Obt35ao3IjKHWe0uPBUIlnc260RXpvlqJvm/II8t4Rap4tE3oQbmJT8/gt/:OxQY0K2enG21Xp0Je/IvG8Z4JNt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9420a6f73cfe300319f247711d3cee06_JaffaCakes118

Files

9420a6f73cfe300319f247711d3cee06_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6a8a25e635eef05aee041151629e6d21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
WaitForSingleObject
InterlockedCompareExchange
MapViewOfFile
LocalFree
InterlockedDecrement
GetTickCount
LoadLibraryA
EnterCriticalSection
CreateEventA
ExitProcess
GetModuleHandleA
CopyFileA
ReleaseMutex
lstrlenW
CreateDirectoryA
InterlockedIncrement
lstrlenA
GetModuleFileNameA
GetProcAddress
Sleep
UnmapViewOfFile
OpenEventA
GetLastError
CreateProcessA
CloseHandle
LeaveCriticalSection
SetLastError

ole32

OleCreate
CoInitialize
CoCreateGuid
CreateBindCtx
CoUninitialize
OleSetContainedObject

user32

GetParent
RegisterWindowMessageA
GetClassNameA
FindWindowA
PostQuitMessage
SendMessageA
SetTimer
GetSystemMetrics
GetMessageA
DefWindowProcA
KillTimer
TranslateMessage
DispatchMessageA
CreateWindowExA
SetWindowLongA
PostMessageA
GetWindowLongA
DestroyWindow

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA

Exports

Exports

uniCommsnt5

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a8a25e635eef05aee041151629e6d21

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB