9fe7291b9b9ed3b744ed558cf6890c0e_JaffaCakes118

General

Target

9fe7291b9b9ed3b744ed558cf6890c0e_JaffaCakes118
Size

51KB
MD5

9fe7291b9b9ed3b744ed558cf6890c0e
SHA1

22a914798c8a54f3aedfda1e45b6d94ba23b0e82
SHA256

b67b38b87801dd56243599598e52a1c316fd0d7c300e6375dc39c27a17f5844e
SHA512

7b61fb0a165a9ead8c5abb3349ed8dc70546847f8f04506b6844948aeab3c882fc6bb575faa9bae6db39231524e1c2cf61942ca9fd7864e6136fd7130ec09e5a
SSDEEP

768:mh2rwqW3lU8imnT+ymkPMOTYufd1LfImmqktMk:mhJ1U8nT+yzjTYufvpxk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fe7291b9b9ed3b744ed558cf6890c0e_JaffaCakes118

Files

9fe7291b9b9ed3b744ed558cf6890c0e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0c53a89e2fbfc0519dbd0b23e628e633

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageA
GetForegroundWindow
GetClassNameA
FindWindowExA
wsprintfA

kernel32

CreateFileA
CreateThread
DeleteFileA
GetModuleFileNameA
CloseHandle
GetSystemTime
GetTickCount
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
ReadFile
SetFilePointer
GetSystemDirectoryA
SystemTimeToFileTime
WinExec
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrlenA
Sleep

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

wininet

DeleteUrlCacheEntryA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA

urlmon

URLDownloadToFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c53a89e2fbfc0519dbd0b23e628e633

Headers

File Characteristics

Imports

user32

kernel32

advapi32

wininet

urlmon

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 39KB - Virtual size: 38KB

.reloc Size: 1024B - Virtual size: 610B

.text
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 39KB - Virtual size: 38KB

.reloc
Size: 1024B - Virtual size: 610B