dfef1559fe7ccebb32d0655a3f0cfa32_JaffaCakes118

General

Target

dfef1559fe7ccebb32d0655a3f0cfa32_JaffaCakes118
Size

124KB
MD5

dfef1559fe7ccebb32d0655a3f0cfa32
SHA1

2d051eedd444e7d7514dc6e2e5444819b084dfb0
SHA256

819af739147639341f0e0987e26a68baf7e9b77f000a2a47cfaf32cf56d0ec6d
SHA512

2197ff3eb7fa6f142837f7752b439a24704d8f7e72e82836e84dfaed5b34daf071a5a1b632ed76595f33d1e6d73d7f99d8c2d11b8aa0f386757991f6d4a953cb
SSDEEP

3072:vz7Y8lgkXXXlSwjbaopeZTet22ldPA7rAA95J:rN3zSxlet2q2rJJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfef1559fe7ccebb32d0655a3f0cfa32_JaffaCakes118

Files

dfef1559fe7ccebb32d0655a3f0cfa32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

aca071ae9dc377d58bbcef175d3dbb0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenEventA
InterlockedCompareExchange
CreateEventA
UnmapViewOfFile
InterlockedDecrement
LeaveCriticalSection
Sleep
CopyFileA
lstrlenA
GetTickCount
ExitProcess
LoadLibraryA
GetProcAddress
EnterCriticalSection
LocalFree
InterlockedIncrement
lstrlenW
GetLastError
WaitForSingleObject
ReleaseMutex
MapViewOfFile
GetModuleFileNameA
GetCommandLineA
SetLastError
GetModuleHandleA
CreateDirectoryA
CloseHandle
CreateProcessA

ole32

CoCreateGuid
OleSetContainedObject
OleCreate
CreateBindCtx
CoUninitialize
CoInitialize

user32

FindWindowA
DestroyWindow
SetWindowLongA
GetMessageA
DispatchMessageA
KillTimer
SendMessageA
GetClassNameA
SetTimer
PostMessageA
GetSystemMetrics
RegisterWindowMessageA
TranslateMessage
PostQuitMessage
GetParent
DefWindowProcA
GetWindowLongA
CreateWindowExA

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA

Exports

Exports

ieapi80

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aca071ae9dc377d58bbcef175d3dbb0c

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB