f6e3f0bb2ea77d6e5bebc9b564f957cd_JaffaCakes118

General

Target

f6e3f0bb2ea77d6e5bebc9b564f957cd_JaffaCakes118
Size

11KB
MD5

f6e3f0bb2ea77d6e5bebc9b564f957cd
SHA1

de2aa8d34957dc2f6675aa19e9cef29df8622b90
SHA256

9279adf666a2201ba089d0b1d72a121c8ee0eea1f6bf73664a30b580232eef6d
SHA512

ad3efa95a5a8f4623dced088abcfa6a9f044ab8d3b5b322fdd2040f41342578f4a41ea7d14cab7cfbd851e3cc01ffafb0f0d3db4d76567f3910c0f9aca8680ef
SSDEEP

192:m7q4tkJXAWdleajhtdShUZsBa0mRBbq5hPKWwLQ9Wl8:mW4t0QWdvtShTa0mqhPKWx9Wl8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6e3f0bb2ea77d6e5bebc9b564f957cd_JaffaCakes118

Files

f6e3f0bb2ea77d6e5bebc9b564f957cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

226efb43440a1d58e791e0ed9455f3ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
strtok
strlen
strcpy
strcat
memset

kernel32

GetVersionExA
GetModuleFileNameA
GetModuleHandleA
SetFileTime
CloseHandle
GetFileTime
CreateFileA
lstrcatA
GetSystemDirectoryA
GetFileAttributesA
VirtualFree
CreateDirectoryA
lstrcpyA
VirtualAlloc
lstrcmpiA
CreateProcessA
GetStartupInfoA
WriteFile
SetFilePointer
lstrlenA
GetLastError
lstrcmpA
lstrcpynA
Sleep
MoveFileExA
GetTempFileNameA
GetTempPathA

user32

wsprintfA
CharToOemA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteA

ntdll

RtlDecompressBuffer

shlwapi

PathQuoteSpacesA
PathRemoveFileSpecA
PathFindFileNameA
StrStrIA

Exports

Exports

Language

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

226efb43440a1d58e791e0ed9455f3ee

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

ntdll

shlwapi

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 1024B - Virtual size: 706B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 1024B - Virtual size: 706B