f029078928720b2b12ee88e9ca87f3c6_JaffaCakes118

General

Target

f029078928720b2b12ee88e9ca87f3c6_JaffaCakes118
Size

33KB
MD5

f029078928720b2b12ee88e9ca87f3c6
SHA1

5a2be17224034261dbe082d3953e179d17e38afd
SHA256

d8ace5050cb13b50da92541bb7423a8356b4b2a90844d06b262b5bce8d2ed4b1
SHA512

252a1ff646658e58f9ab74e29c9799a815aa925d0d77e0b89c8c7e27796f588e773f825645128c6a86ce828d752a795c39d1c44088637c5c3adfcfe6ee335bb2
SSDEEP

768:fECiJP0f2yXa9mQwkQgtAJey8uaUQ9xHMc1vyU0:fElJPlyXa9mxGAujsCvl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f029078928720b2b12ee88e9ca87f3c6_JaffaCakes118

Files

f029078928720b2b12ee88e9ca87f3c6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b38334767c4f574f0cf597094efcc377

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetReadFile
HttpQueryInfoA
HttpSendRequestA
InternetOpenUrlA
InternetCrackUrlA
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA

user32

GetWindowLongA
GetWindowThreadProcessId
GetWindowTextA
EnumChildWindows
CallWindowProcA
GetParent
SetWindowLongA
EnumWindows
wsprintfA

ws2_32

inet_ntoa
closesocket

msvcrt

_adjust_fdiv
malloc
_initterm
free
??2@YAPAXI@Z
??3@YAXPAX@Z
sscanf
isalnum
memcpy
memcmp
memset

kernel32

GetCommandLineA
GetExitCodeThread
TerminateThread
GetCurrentDirectoryA
GetCurrentProcessId
IsBadReadPtr
GetPrivateProfileStringA
lstrcmpA
lstrlenW
WideCharToMultiByte
lstrcpyA
GetCurrentProcess
VirtualQueryEx
VirtualProtectEx
ReadProcessMemory
WriteProcessMemory
lstrcpynA
Sleep
ExitProcess
lstrcatA
lstrcmpiA
GetModuleFileNameA
GetFileSize
CreateFileA
GlobalAlloc
ReadFile
GlobalFree
GetLastError
lstrlenA
GetModuleHandleA
GetProcAddress
CreateThread
CloseHandle

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b38334767c4f574f0cf597094efcc377

Headers

File Characteristics

Imports

wininet

user32

ws2_32

msvcrt

kernel32

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 18KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 18KB

.reloc
Size: 3KB - Virtual size: 3KB