c7fcf936bb124906b021e058fdab3c93_JaffaCakes118

General

Target

c7fcf936bb124906b021e058fdab3c93_JaffaCakes118
Size

160KB
MD5

c7fcf936bb124906b021e058fdab3c93
SHA1

8ae8d5d474692804b60a7fbb9609b08018d57379
SHA256

2e8aa93c99ea3b587ef495e0e0ad321155dfb49d26baea6c7cd4d206c6d98e41
SHA512

a911208df41ffbe6efef7919cac0d06e6d8f2643c6bb4a2d2c63541add74b67fcaa3ee064f51d79faadfae26a5d6e38e9c2b2c3230fd1c7d886fcb4182c0c3ff
SSDEEP

3072:2/b5KU4TUGDgrvUNMUilBtXSYL1ijs+CXV8HEai:ItKU4TzDZNwBtxAjVweka

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7fcf936bb124906b021e058fdab3c93_JaffaCakes118

Files

c7fcf936bb124906b021e058fdab3c93_JaffaCakes118
.dll windows:4 windows x86 arch:x86

69c934683b831ea0b811ff1b343a0253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
FindResourceA
GetACP
GetCommandLineA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetStartupInfoA
GlobalUnlock
HeapAlloc
HeapCreate
LoadResource
LockResource
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetLastError
SetStdHandle
SetThreadAffinityMask
SetUnhandledExceptionFilter

msvcrt

__p__commode
__set_app_type
malloc
realloc
strspn
__p__fmode

user32

FindWindowExA
GetFocus
DefDlgProcA
GetPropA
LoadIconA
LoadImageA
SendMessageA
ShowWindow
EndPaint
DestroyIcon

oleaut32

SysStringLen
ClearCustData
OleLoadPicture
OleLoadPicturePath
OleTranslateColor
RegisterTypeLi
SetErrorInfo
SysFreeString
VarBstrCat
GetErrorInfo
SysReAllocString

shlwapi

PathFileExistsA
PathFindOnPathA
SHOpenRegStreamA
SHSetValueA
StrChrA
StrSpnA
StrStrIA

Exports

Exports

CloseCaptureDevice
W32N_GetNetCardRegistryPath
XFromIchRaw2

Sections

.text
Size: 101KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69c934683b831ea0b811ff1b343a0253

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 180KB

.data Size: 57KB - Virtual size: 60KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 180KB

.data
Size: 57KB - Virtual size: 60KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB