28828e3f51b8f5d2ea690e7d13ac3400_JaffaCakes118

General

Target

28828e3f51b8f5d2ea690e7d13ac3400_JaffaCakes118
Size

253KB
MD5

28828e3f51b8f5d2ea690e7d13ac3400
SHA1

21c77aa3e38f43f6c33a6f3c84024239855ef21f
SHA256

4b01be4d8e7b3d1813b721070ec30bb920e41410d8387c73ba744f289ffd04c0
SHA512

f505d052a911abae7e1ad409f105ef41f563d34879960b68cb8a3d0c385b2da092375e31cf5aaae8531a1a01ac471849f3f3c40d5d46fc5da02b671613d3db5b
SSDEEP

6144:wp78nMINWDBVEASAS9Fl13ATzbttb8IWZ9f9:0IN8fEjsTXtmD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28828e3f51b8f5d2ea690e7d13ac3400_JaffaCakes118

Files

28828e3f51b8f5d2ea690e7d13ac3400_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

5bea21a56006b31e51f3698280f4e62a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
GetProcessHeap
GetLastError
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
RtlUnwind
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bea21a56006b31e51f3698280f4e62a

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 137KB - Virtual size: 140KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 137KB - Virtual size: 140KB

.reloc
Size: 5KB - Virtual size: 4KB