dc7cf88ab38fd0549d03b44343f2a501_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dc7cf88ab38fd0549d03b44343f2a501_JaffaCakes118
Size

28KB
MD5

dc7cf88ab38fd0549d03b44343f2a501
SHA1

69b5aafa9d19465fdfd7f62b202d909f94a7383b
SHA256

47ffe33ab1dbe0997bd356e3afc950260d43f4f38c41a45b383c032448b2f192
SHA512

e0427fb858c98738b2e7b1e1063ca53d4bc0b0b4b8adcbd07cf4e88ea53f5c8f0445eebb7e17eff0fe0de6938f6e6836fa49283f9eff3ba10507f071838a0552
SSDEEP

384:/dTAItjMrWUcfHqkY9orW5zMu8DVHvZKVJF8/LYG6cRhYk1IgiTd:/dRM6UsKkYeCINDJ8JF8/6cvYk1IjTd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc7cf88ab38fd0549d03b44343f2a501_JaffaCakes118

Files

dc7cf88ab38fd0549d03b44343f2a501_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

643b9fa555af93f6dd998c2bf0e1cd5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
SetEvent
CloseHandle
WaitForSingleObject
ExitThread
GetTickCount
lstrlenW
GetModuleHandleA
lstrcpyW
lstrcatW
HeapFree
GetProcessHeap
IsBadStringPtrA
lstrcmpA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
GetSystemDirectoryW
lstrcpyA
HeapAlloc
HeapReAlloc
lstrlenA
CompareStringW
Sleep
lstrcatA
GetSystemDirectoryA
SetFilePointer
CreateFileA
ReleaseMutex
SetEndOfFile
CreateEventA
CreateMutexA
CreateThread
ReadFile
WriteFile
WriteProcessMemory
GetCurrentProcess
VirtualProtect
lstrcmpiA
GetSystemDefaultUILanguage

user32

CharLowerA
wsprintfW
CharUpperW
wsprintfA

advapi32

CryptDecrypt
InitializeSecurityDescriptor
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
SetSecurityDescriptorDacl

ole32

StringFromIID
CoGetMalloc

oleaut32

SysFreeString
SysAllocString

wininet

InternetConnectA
InternetCrackUrlW
InternetCrackUrlA

urlmon

CoInternetCombineUrl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

643b9fa555af93f6dd998c2bf0e1cd5d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

urlmon

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 340B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 340B

.reloc
Size: 1KB - Virtual size: 1KB