JaffaCakes118_9024d3bbe07bd9ffcc96b38cc62d6c1ace16c2d65dabee75c4e1072e3a147655

General

Target

JaffaCakes118_9024d3bbe07bd9ffcc96b38cc62d6c1ace16c2d65dabee75c4e1072e3a147655
Size

37KB
MD5

97520a665f7c0a60b71aede6d4870fb2
SHA1

9fc0455c329c6f9e1d88df5e38761c4ca4ad82cc
SHA256

9024d3bbe07bd9ffcc96b38cc62d6c1ace16c2d65dabee75c4e1072e3a147655
SHA512

de8ae265a10eb31b4c9b922f9ca1b6cdb46b1f6d735f70dd84490882c2270fe6fa81a070a500c575b669071bb6f8e8faaa55f60e495c8edeefafd37835397e76
SSDEEP

768:TaS5xGWV8k5Az7QPQRqWvl5D5cWX8BXdjIGkSIesWYn2Egh9JtleNCiJf:TaGGA35woWvl5+WM0BeDY0Xtl+L

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/97c320926eba29d86197e65c87f5b8c8

JaffaCakes118_9024d3bbe07bd9ffcc96b38cc62d6c1ace16c2d65dabee75c4e1072e3a147655
.zip

Password: infected
97c320926eba29d86197e65c87f5b8c8
.dll regsvr32 windows:6 windows x64 arch:x64

09c9c2ec23b4c5a7761cd6779bf7df43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
Sleep

user32

SendMessageA
SetTimer
KillTimer
MessageBoxA
GetClassNameA

Exports

Exports

?GetPrm@@YAHXZ
DllRegisterServer

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ