cf20932536d630cd3c1d1d82cc1589ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf20932536d630cd3c1d1d82cc1589ae_JaffaCakes118
Size

81KB
MD5

cf20932536d630cd3c1d1d82cc1589ae
SHA1

bbc00e34b843d20c5e11799ec8d7f86c82cab202
SHA256

18bdc3e648e8b048561ebea2333efe754bacddf551b75be4c106b38adeadde27
SHA512

3e8c128662c972f756d6bb1cddf243e461a1cb698b5d972040b68f9a099bc862a404a9d8a956964b37b504daa2962cbcf94fcaf63bf931ab0d74c37eee5a2f28
SSDEEP

1536:Fir1bdODhmooJWaBQTFSSR/5sjA7gdna9jclZAKmcIRgWqZYjByYq2:FirPODhmTJWaBZScs0doAl6c6dqWlhq2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf20932536d630cd3c1d1d82cc1589ae_JaffaCakes118

Files

cf20932536d630cd3c1d1d82cc1589ae_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a429f6246588cf076a9600b6b30ef759

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

GetKeyboardType
MessageBoxA

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileW

wininet

InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspr0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspr1
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.aspr2
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a429f6246588cf076a9600b6b30ef759

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

urlmon

wininet

Exports

Exports

Sections

CODE Size: - Virtual size: 29KB

DATA Size: - Virtual size: 336B

BSS Size: - Virtual size: 2KB

.idata Size: - Virtual size: 2KB

.edata Size: - Virtual size: 162B

.aspr0 Size: - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 512B

.aspr1 Size: - Virtual size: 20KB

.aspr2 Size: 79KB - Virtual size: 78KB

.reloc Size: 512B - Virtual size: 204B

CODE
Size: - Virtual size: 29KB

DATA
Size: - Virtual size: 336B

BSS
Size: - Virtual size: 2KB

.idata
Size: - Virtual size: 2KB

.edata
Size: - Virtual size: 162B

.aspr0
Size: - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 512B

.aspr1
Size: - Virtual size: 20KB

.aspr2
Size: 79KB - Virtual size: 78KB

.reloc
Size: 512B - Virtual size: 204B