a31629aba931a620f9ccf81f827ef728_JaffaCakes118

General

Target

a31629aba931a620f9ccf81f827ef728_JaffaCakes118
Size

120KB
MD5

a31629aba931a620f9ccf81f827ef728
SHA1

79ae161fe3c91cbbf610be02e484b4a461f5a739
SHA256

3a49083985d66e8a375368e9aae9dfcd3edce10600a1960d4e791978164c5458
SHA512

e05097ca6dae660157670afbc9612922fa3bb00072a5a45107af45fff809d1bc12c96752e5bff4c10edd501cdb76db3d50709e6ea54405aba7905f821d569075
SSDEEP

1536:xVRji1vlt0OV3+IL9DwDmO1wmVz1UU+habfZYdxj52URay9yzCxqWOZpFhN:x/iVlVSmO1xAU0KUYXYqjbT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a31629aba931a620f9ccf81f827ef728_JaffaCakes118

Files

a31629aba931a620f9ccf81f827ef728_JaffaCakes118
.dll windows:4 windows x86 arch:x86

996374f80cb346dc694a75f1f9abfddb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CopyFileA
Sleep
LoadLibraryA
MapViewOfFile
CreateDirectoryA
OpenEventA
InterlockedCompareExchange
LeaveCriticalSection
GetProcAddress
InterlockedDecrement
CreateProcessA
GetCommandLineA
lstrlenA
UnmapViewOfFile
GetModuleHandleA
WaitForSingleObject
GetTickCount
CloseHandle
SetLastError
ExitProcess
lstrlenW
InterlockedIncrement
CreateEventA
LocalFree
ReleaseMutex
GetLastError
EnterCriticalSection
GetModuleFileNameA

ole32

OleCreate
CreateBindCtx
CoInitialize
OleSetContainedObject
CoUninitialize
CoCreateGuid

user32

GetSystemMetrics
PostQuitMessage
DefWindowProcA
SetTimer
FindWindowA
SetWindowLongA
TranslateMessage
GetClassNameA
CreateWindowExA
PostMessageA
KillTimer
DispatchMessageA
GetMessageA
RegisterWindowMessageA
GetWindowLongA
SendMessageA
GetParent
DestroyWindow

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA

Exports

Exports

userPadSnap

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

996374f80cb346dc694a75f1f9abfddb

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB