f9edc4ef7fcd7c722ea990117aa2ab8d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9edc4ef7fcd7c722ea990117aa2ab8d_JaffaCakes118
Size

19KB
MD5

f9edc4ef7fcd7c722ea990117aa2ab8d
SHA1

b5b9584839518e99ba7ade2ee974a168d30b780c
SHA256

f7c00eabd86e1ad0eed7a4ae0d46d122125d9d77f9bef0b04496bbeb633925b9
SHA512

bb7e6909f8cbfb83fcb0025a2625fc6d946c46636dcf88cf37a6819b980e8ec6b9313e31dba9f651a16df839fd91d72d064674d7835c281c8b82a2305f6ebd21
SSDEEP

384:AQ8LZ05VHF6tuGYoPIM/+/Zp/+Ul1n964D0foNm/+V6XB2NKVJu8k:AjLCfHQAGYoPV+KMn96Dfwm/+VMBoKVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Anti-WPA-3-4-6/AMD64/antiwpa.dll
unpack001/Anti-WPA-3-4-6/X86/antiwpa.dll

Files

f9edc4ef7fcd7c722ea990117aa2ab8d_JaffaCakes118
.rar
Anti-WPA-3-4-6/AMD64/antiwpa.dll
.dll regsvr32 windows:4 windows x64 arch:x64

7be7512539b15faa1d7be075a869faa8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTickCount
GetSystemDirectoryA
FindFirstFileA
GetLastError
lstrcmpiA
GetModuleHandleA
FindClose
MoveFileA
GetModuleFileNameA
FindNextFileA
DeleteFileA
VirtualProtect
IsBadReadPtr
CopyFileA
VirtualQuery
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA

user32

GetForegroundWindow
MessageBoxA
GetSystemMetrics

shlwapi

PathAddBackslashA
PathAppendA
PathRemoveFileSpecA
PathStripPathA

shell32

ShellExecuteA

ntdll

_vsnprintf
memset
_strcmpi
_stricmp

Exports

Exports

DllRegisterServer
DllUnregisterServer
onLogon

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 256B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 256B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 768B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Anti-WPA-3-4-6/AntiWPA3.cmd
Anti-WPA-3-4-6/IA64/antiwpa.dll
Anti-WPA-3-4-6/X86/antiwpa.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1f26eabaff531a1b45981ced728199a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTickCount
GetSystemDirectoryA
FindFirstFileA
GetLastError
lstrcmpiA
GetModuleHandleA
FindClose
MoveFileA
GetModuleFileNameA
FindNextFileA
DeleteFileA
VirtualProtect
VirtualQuery
IsBadReadPtr
CopyFileA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

user32

GetSystemMetrics
MessageBoxA
GetForegroundWindow

shlwapi

PathAddBackslashA
PathAppendA
PathStripPathA
PathRemoveFileSpecA

shell32

ShellExecuteA

ntdll

_vsnprintf
_strcmpi
_stricmp
memset

Exports

Exports

DllRegisterServer
DllUnregisterServer
onLogon

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 768B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Anti-WPA-3-4-6/readme.txt

Sharing

General

Malware Config

Signatures

Files

7be7512539b15faa1d7be075a869faa8

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

shell32

ntdll

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.pdata Size: 256B - Virtual size: 120B

.CRT Size: 256B - Virtual size: 8B

.rsrc Size: 768B - Virtual size: 664B

.reloc Size: 256B - Virtual size: 42B

1f26eabaff531a1b45981ced728199a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

shell32

ntdll

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 768B - Virtual size: 656B

.reloc Size: 256B - Virtual size: 218B

.text
Size: 6KB - Virtual size: 6KB

.pdata
Size: 256B - Virtual size: 120B

.CRT
Size: 256B - Virtual size: 8B

.rsrc
Size: 768B - Virtual size: 664B

.reloc
Size: 256B - Virtual size: 42B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 768B - Virtual size: 656B

.reloc
Size: 256B - Virtual size: 218B