24f4fe08f1e0f53fa78a168bb9a0c103_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24f4fe08f1e0f53fa78a168bb9a0c103_JaffaCakes118
Size

32KB
MD5

24f4fe08f1e0f53fa78a168bb9a0c103
SHA1

5c6b1ce026d8c975ee44130998a433586435d02f
SHA256

2aeba12a0b1f1eac616a2c42bb6085c36033f51d09d7eeaaafe962c7fd7d15ff
SHA512

ba9e4739aae39497a7865d217e1da91e676ca089e849b93ea0a91087967506c9a3ecac3b22a56211a57d77f73ebb7928d6a2109d522f5cf186e34eaacae42095
SSDEEP

384:Uo2yn2zCxRRe+ZpWYFOUINkkOjUFfaCa2JukPaasmNXYaBVfWttdDqeWU9aH2AxE:T2BJLZrPaasmNXYa3etHWlH2qYzvfX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24f4fe08f1e0f53fa78a168bb9a0c103_JaffaCakes118

Files

24f4fe08f1e0f53fa78a168bb9a0c103_JaffaCakes118
.dll windows:6 windows x86 arch:x86

753e96f88611c964a3a232565dce15c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAAsyncSelect
WSAGetServiceClassNameByClassIdW
WSAInstallServiceClassA
WSASendDisconnect
WSASetBlockingHook
WSAWaitForMultipleEvents
WSCDeinstallProvider
connect
listen
send

crypt32

CertCompareIntegerBlob
CertDeleteCertificateFromStore
CryptGetOIDFunctionAddress

wininet

FreeUrlCacheSpaceW
GopherGetAttributeA
HttpEndRequestA
RetrieveUrlCacheEntryFileA

mswsock

GetAcceptExSockaddrs
GetAddressByNameA
GetNameByTypeA
NPLoadNameSpaces
TransmitFile
WSARecvEx

kernel32

CloseHandle
CompareFileTime
CreateFileMappingW
CreateFileW
DeleteFileW
EnumSystemCodePagesW
FileTimeToSystemTime
GetFileSize
GetLastError
GetLocalTime
GetVersion
GetWindowsDirectoryW
MapViewOfFile
SearchPathW
SetFilePointer
Sleep
SystemTimeToFileTime
UnmapViewOfFile
WriteFile
lstrcatW
lstrcpyW
lstrlenW

ole32

CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysFreeString

msvcrt

_adjust_fdiv
_initterm
free
malloc
memcpy
memmove
memset
wcschr

Exports

Exports

lgwtfkjkg

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

753e96f88611c964a3a232565dce15c8

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

crypt32

wininet

mswsock

kernel32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 424B

.reloc Size: 1024B - Virtual size: 784B

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 424B

.reloc
Size: 1024B - Virtual size: 784B