be83cbe9fdc5c5520a38de09836c24fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be83cbe9fdc5c5520a38de09836c24fa_JaffaCakes118
Size

19KB
MD5

be83cbe9fdc5c5520a38de09836c24fa
SHA1

ecc1569cb2c082650b7a599df2c217a3ce167a9c
SHA256

8f557801076a269010ad7147ec967e7d191b466715a44af996c6ab98a9ca9cc4
SHA512

499c38081607462a9215b334e23c331b4a2e096b4f5bb3d67c9961f30343f1508fc01d426ccf10427d75318d133b8bcae25697a6f76f0e7e554cc7ac41d6a828
SSDEEP

192:ccc8F50OyW98CQMsCOM6AbruAOJMEw8M6KV2aLnUwENrPpusuLzW6c/yXr2Xzh5w:fF50AlQMIMz3MoUZrxB6y5fY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be83cbe9fdc5c5520a38de09836c24fa_JaffaCakes118

Files

be83cbe9fdc5c5520a38de09836c24fa_JaffaCakes118
.dll windows:6 windows x86 arch:x86

8e699a248378ddf80f96b858b6bb9072

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
lstrlenA
LocalFree
GetProcessHeap
HeapAlloc
EnumResourceTypesA
lstrcpyA

odbc32

ord15
ord51
ord84
ord86
ord69
ord9

ws2_32

WSAAsyncGetServByPort
WSARecvDisconnect
WSASocketW

winspool.drv

GetPrinterDataA
EnumJobsW
StartDocPrinterW

user32

GetLastActivePopup
SystemParametersInfoW
RemovePropW
SetProcessWindowStation
GetUserObjectSecurity
GetMenuBarInfo
SetPropA
CheckMenuItem

setupapi

SetupQuerySourceListW
SetupDiInstallClassExA
SetupDiOpenDeviceInterfaceA
SetupInstallFileExW
SetupDiCreateDeviceInterfaceW
SetupAddToDiskSpaceListA
SetupDiBuildClassInfoListExW

msi

ord165
ord166
ord29
ord168
ord36
ord132
ord117

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExA
RegCloseKey
RegDeleteKeyExA

msvcrt

sprintf
memcpy

Exports

Exports

aziyeii

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e699a248378ddf80f96b858b6bb9072

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbc32

ws2_32

winspool.drv

user32

setupapi

msi

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 312B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 312B