fcbe8f8fc799580135f8a6723b516b8e_JaffaCakes118

General

Target

fcbe8f8fc799580135f8a6723b516b8e_JaffaCakes118
Size

8KB
MD5

fcbe8f8fc799580135f8a6723b516b8e
SHA1

6b7a5b93d6c0b6a7920e947f73d7233eca5c435d
SHA256

4ae01c0862c5e5d1e08581ece7b3da323818ef9477d710d337cc4f2669d3bb9a
SHA512

693fb277e614818b91bac1ba36d3c12d3302b87c7dd6536cfb4b0abf76b5cf96591f79a86fee0ef15e0e54dd728b4db9707d8348ab58c8a1779202a6b22211b7
SSDEEP

96:0Bm0AzzDiuf0zFZRY0diwfVGxYkDVuzgqp5YpI4KApWkRk:kKPfmYrfZqpOIBA/k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcbe8f8fc799580135f8a6723b516b8e_JaffaCakes118

Files

fcbe8f8fc799580135f8a6723b516b8e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

c8bf22b8b241e72e223da947c70bf4ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
PostMessageA
GetForegroundWindow
GetClassNameA
wsprintfA
FindWindowExA

shell32

ShellExecuteA

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
GetModuleFileNameA
GetSystemDirectoryA
GetSystemTime
GetTickCount
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
ReadFile
lstrlenA
Sleep
SystemTimeToFileTime
WinExec
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
SetFilePointer

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
GetUserNameA
RegCreateKeyExA

wininet

FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA
FindNextUrlCacheEntryA

urlmon

URLDownloadToFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 393B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8bf22b8b241e72e223da947c70bf4ef

Headers

File Characteristics

Imports

user32

shell32

kernel32

advapi32

wininet

urlmon

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 393B

.reloc Size: 512B - Virtual size: 484B

.text
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 393B

.reloc
Size: 512B - Virtual size: 484B