JaffaCakes118_722d2bf862672a0a5e904bfbc07e8151cf31ea9c6bd0c0642dff19180bb788b9

General

Target

JaffaCakes118_722d2bf862672a0a5e904bfbc07e8151cf31ea9c6bd0c0642dff19180bb788b9
Size

37KB
MD5

680cf0e8ce38601a6978b204e00534f3
SHA1

d36a09a1064ad33902d9d2af1976430cd344e31f
SHA256

722d2bf862672a0a5e904bfbc07e8151cf31ea9c6bd0c0642dff19180bb788b9
SHA512

8f8610bd02e4d5cd6527a217d95b563ec55cde2cd2a0700197cf90ba5db4b71d626950a14b01d44bd1a47076722c50c0e16500415f9d23c8f2ccaa80e83bd732
SSDEEP

768:hB+h2P7CnOwAdvVFxOXyu/jQj4QEdSYTOspa3tBmmT:hB62PYOLbyXyu/ySuspa33lT

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/44266.8303592593.dat

JaffaCakes118_722d2bf862672a0a5e904bfbc07e8151cf31ea9c6bd0c0642dff19180bb788b9
.zip

Password: infected
44266.8303592593.dat
.dll regsvr32 windows:6 windows x64 arch:x64

015f7aaddd9f464d8fe721bf20f7b501

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
Sleep

user32

SendMessageA
SetTimer
KillTimer
GetClientRect
MessageBoxA
GetClassNameA

Exports

Exports

?GetPrm@@YAHXZ
DllRegisterServer

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ