9679855394575ff25eec526ebbde6dcf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9679855394575ff25eec526ebbde6dcf_JaffaCakes118
Size

65KB
MD5

9679855394575ff25eec526ebbde6dcf
SHA1

d7cc674f20eaad8e01edb5860fbe1b57c33abad4
SHA256

94977e74d73ec8f220ff6882775be5ffa37f0d570b77c1f12ab98e00ce0cb7fd
SHA512

91f10184d667854e9c6e5bfc18c4e9871385df81c49edcf7e87d9285ab196fc4a5d37df72c1072dae826d35c8210d087414d4c620d7d3f7883195d4c55d6587a
SSDEEP

1536:5pzOBeKxFa9G4UxItTC0rf6pdkslALyXlZx:JwocZSqpislALyVZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9679855394575ff25eec526ebbde6dcf_JaffaCakes118

Files

9679855394575ff25eec526ebbde6dcf_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

26c89d8a138170196690f00e50bc8d33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenA
HeapDestroy
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
EnterCriticalSection
GlobalUnlock
GlobalLock
lstrcpynA
lstrcpynW
WinExec
DeleteCriticalSection
InitializeCriticalSection
GetVersion
WideCharToMultiByte
DisableThreadLibraryCalls
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
RtlUnwind
GetCommandLineA
HeapFree
RaiseException
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo

user32

LoadBitmapA
CharNextA
wsprintfA
InsertMenuA
SetMenuItemBitmaps

shell32

SHGetSpecialFolderPathA
DragQueryFileA

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueExA

ole32

CoCreateInstance
ReleaseStgMedium

oleaut32

RegisterTypeLi
SysAllocString
LoadTypeLi
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26c89d8a138170196690f00e50bc8d33

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 4KB