dcbea9317f0e1bf2f0f2b64a72630133_JaffaCakes118

General

Target

dcbea9317f0e1bf2f0f2b64a72630133_JaffaCakes118
Size

116KB
MD5

dcbea9317f0e1bf2f0f2b64a72630133
SHA1

dfcce0417959cb4254a476065e02087581f6163c
SHA256

f591f8d1b3d8ab60fe73a7c089274de14fe546dfad0d25ed4e9f94ba4607d719
SHA512

7bf5542fde40f2314fd928eccd7dafafa502d4db667cf7870c622a6769d95fecaebf59e5c0503ae0607394b41c1223af1e746b3d5a5d0ec28ee6ff09a10d0212
SSDEEP

1536:NkUOyy7UWu9Q8OY40E6ZZh6fOSvae7ey8Pjh0l8+jko0dS6i817ywaxbbuZSAj3:NOyyAWuu+40th+F/uYkqpUywa2SAz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcbea9317f0e1bf2f0f2b64a72630133_JaffaCakes118

Files

dcbea9317f0e1bf2f0f2b64a72630133_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

657993359768fb0e4e68f08c7eadafe2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileW
GetPrivateProfileStringW
SetEvent
CreateEventW
GlobalAddAtomW
InterlockedIncrement
SetEndOfFile
SizeofResource
GetModuleFileNameW
FindNextFileW
QueryDosDeviceW
FindFirstFileW
InterlockedDecrement
GetLogicalDrives
DuplicateHandle
GetLocalTime
LoadLibraryA
WaitForSingleObject
CreateThread
FreeLibrary
WideCharToMultiByte
FindFirstChangeNotificationW
FindResourceExW
GetProcAddress
FindClose

user32

EndDialog
PostThreadMessageW
GetWindowRect
SetCapture
GetDlgItem
SetLayeredWindowAttributes
GetSystemMetrics
MessageBoxW
LoadCursorW
GetKeyState
IsWindow
LoadIconW
GetMessageW
IsDlgButtonChecked
SystemParametersInfoW
SetDlgItemTextW

gdi32

GetDeviceCaps
GetObjectW
LineTo
CreateRoundRectRgn
CreateSolidBrush
GetStockObject
StretchBlt
SetBkMode

advapi32

StartServiceW
RegQueryValueExW
RegSetValueExW
RegNotifyChangeKeyValue
RegOpenKeyExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.rzjvk
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hvpx
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yaai
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

657993359768fb0e4e68f08c7eadafe2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.rzjvk Size: 96KB - Virtual size: 92KB

.hvpx Size: 4KB - Virtual size: 1KB

.yaai Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.rzjvk
Size: 96KB - Virtual size: 92KB

.hvpx
Size: 4KB - Virtual size: 1KB

.yaai
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB