baf82eb3d9dd544320703f58a350adee_JaffaCakes118

General

Target

baf82eb3d9dd544320703f58a350adee_JaffaCakes118
Size

140KB
MD5

baf82eb3d9dd544320703f58a350adee
SHA1

d6624ada729538921cf8ed43063437475a9f453e
SHA256

e75805d40d04ad3a0926579bb40df017aa12e68865e3f838d27c5d596537c750
SHA512

9b156f45237706c6d31ae005568894a1940ec0b898bf16024feabf8e59aac63f7fe48a733ea225d243de8c59e38c55b52ba666ff5f4c86ceea45bb26f06104d4
SSDEEP

3072:60c6VBLGVF9dIah/+QWTukWSrTDRmWOPhMFUu2w:S6VpEX/Oik/se2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
baf82eb3d9dd544320703f58a350adee_JaffaCakes118

Files

baf82eb3d9dd544320703f58a350adee_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0d64751b5c1388f9b7aff9348f0fa765

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleFileNameA
LeaveCriticalSection
GetLastError
GetProcAddress
LocalFree
ExitProcess
InterlockedIncrement
LoadLibraryA
WaitForSingleObject
CreateProcessA
Sleep
CloseHandle
OpenEventA
EnterCriticalSection
CreateDirectoryA
UnmapViewOfFile
InterlockedDecrement
GetTickCount
CreateEventA
lstrlenA
GetModuleHandleA
MapViewOfFile
CopyFileA
lstrlenW
GetCommandLineA
InterlockedCompareExchange
ReleaseMutex

ole32

CreateBindCtx
CoCreateGuid
CoInitialize
OleCreate
OleSetContainedObject
CoUninitialize

user32

GetSystemMetrics
SetWindowLongA
DefWindowProcA
GetParent
SetTimer
GetMessageA
PostQuitMessage
RegisterWindowMessageA
SendMessageA
KillTimer
DestroyWindow
PostMessageA
TranslateMessage
FindWindowA
GetWindowLongA
GetClassNameA
CreateWindowExA
DispatchMessageA

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen

advapi32

RegSetValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

Exports

Exports

appPadmon2

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d64751b5c1388f9b7aff9348f0fa765

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB