fdd800277d88027786829590a8bd72dd_JaffaCakes118

General

Target

fdd800277d88027786829590a8bd72dd_JaffaCakes118
Size

91KB
MD5

fdd800277d88027786829590a8bd72dd
SHA1

dcc8b055ed49c1878097a9e6179781f0765aaa4a
SHA256

b54296d4af22f0285fc1df865d7bfb298ef69c529908d6b7d6c21b47cbb80a55
SHA512

9440919e91dfb1607bdffc6d2212696add3728234ba9633462df7e54cc6c6d310d655dbdf9cc0e4db885ede5a8d8dfc0bd7288b4f1039f158db60bfdda550021
SSDEEP

768:nWpWg1BwHVSzKQx/oLBiBYbSYiFmRt8QLL6QLnDn9y2SQMQYyPKKeexpG/DDKUTe:nwtBv2nxJX6AnDn9MQMQYZjJVrUG8ZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdd800277d88027786829590a8bd72dd_JaffaCakes118

Files

fdd800277d88027786829590a8bd72dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8730809fd0b38406835978620e613071

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
GetEnvironmentVariableA
FindNextFileA
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetSystemTime
DeleteFileA
GetTempPathA
WriteFile
CreateProcessA
SetFileAttributesA
lstrlenA
GetTickCount
Sleep
MultiByteToWideChar
DisableThreadLibraryCalls
FindFirstFileA

msvcrt

strstr
strchr
free
atoi
strrchr
strpbrk
atol
__dllonexit
_onexit
_beginthread
wcslen
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
srand

shlwapi

PathFileExistsA
SHDeleteValueA
SHGetValueA

wininet

InternetCheckConnectionA

rpcrt4

UuidToStringA

urlmon

URLDownloadToFileA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

ole32

CoInitialize
CoUninitialize
CoCreateGuid

oleaut32

VariantClear
VariantInit
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysFreeString

Exports

Exports

Destroy
Init

Sections

.text
Size: 29KB - Virtual size: 1006KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8730809fd0b38406835978620e613071

Headers

File Characteristics

Imports

kernel32

msvcrt

shlwapi

wininet

rpcrt4

urlmon

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 1006KB

.rdata Size: 5KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 1006KB

.rdata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 3KB