a103345acdb0d9758ad87f674910f79a_JaffaCakes118

General

Target

a103345acdb0d9758ad87f674910f79a_JaffaCakes118
Size

97KB
MD5

a103345acdb0d9758ad87f674910f79a
SHA1

b29cf0efbb8325cde890da235d79f164852d2f05
SHA256

8453eea725481a576450dd092c6896157b59473387fee17b00d6fe3664f66d92
SHA512

6666fead7f74ff78b237fb2366666534eb8d0d06ff7cdeb283bf0fd45543a6c3c9541280bf6347a02e6f0ec8f6b30295b624f20d2d27abc43d81e333fb9d262a
SSDEEP

1536:zrYdeD3KWK5/7TEsEgMs8tWVDpgf+qvFnKcr9uP8Qgusjub7vAsm:Q4ZK55pMvtkNgDpb94IuWu3vAN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a103345acdb0d9758ad87f674910f79a_JaffaCakes118

Files

a103345acdb0d9758ad87f674910f79a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

4aae09309d6286c69c1dacb5b8bff62a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventW
GlobalAlloc
CloseHandle
GetDriveTypeW
FindNextChangeNotification
FreeResource
MoveFileW
SetFilePointer
WideCharToMultiByte
FindClose
GetProcAddress
FileTimeToSystemTime
LoadLibraryA
VirtualAlloc
SetEndOfFile
CreateFileW
lstrlenW
ResetEvent
MulDiv
Sleep
ReadFile
GetFileAttributesW
GlobalLock
GetFileAttributesExW
LoadLibraryW
SetLastError
InterlockedDecrement
WaitForMultipleObjects

user32

LoadIconW
RegisterClassExW
AppendMenuW
SetDlgItemTextW
LoadCursorW
ReleaseDC
GetCursorPos
GetWindowRect
TrackPopupMenu
SystemParametersInfoW
DefWindowProcW
VkKeyScanW
GetDlgItem
TranslateMessage
LoadStringW
SetCursor
ReleaseCapture
LoadImageW
RedrawWindow
MessageBoxW
LoadBitmapW
GetSysColor

gdi32

StretchBlt
GetDeviceCaps
GetStockObject
CreateFontIndirectW
CreateBitmap
LineTo
GetMapMode
CreatePen

advapi32

LookupPrivilegeValueW
RegCloseKey
RegNotifyChangeKeyValue

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.ienzs
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eztrcu
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bida
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4aae09309d6286c69c1dacb5b8bff62a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.ienzs Size: 88KB - Virtual size: 86KB

.eztrcu Size: 4KB - Virtual size: 1KB

.bida Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.ienzs
Size: 88KB - Virtual size: 86KB

.eztrcu
Size: 4KB - Virtual size: 1KB

.bida
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB