f446de97dbce0720aa254fc9ea8259c0_JaffaCakes118

General

Target

f446de97dbce0720aa254fc9ea8259c0_JaffaCakes118
Size

16KB
MD5

f446de97dbce0720aa254fc9ea8259c0
SHA1

262b7ab4eefb0a7295c4df19a37f4c72e07060e4
SHA256

279afafc19f9a52776c93f3f5e5eb9f4eb92eea8f1379f4d30a47b4b5463aa9a
SHA512

103f3611e580218a6489b6335769a50a8d74d228de7566073a0c3067fcfa3cb75566e8af1030b82af87077034cdd20454feca449d7671665d08e9f8786b2348b
SSDEEP

384:A7tzdMbLERgJ8UYAYEqaBZF4LdN6MCfyu8kNsa:AR0LERguUYAYFJNFQyu8kNsa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f446de97dbce0720aa254fc9ea8259c0_JaffaCakes118

Files

f446de97dbce0720aa254fc9ea8259c0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8de7590bec91e59a25debec0b9248759

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
CreateRemoteThread
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
Sleep
GetFileSize
ReadFile
GetModuleFileNameA
UnmapViewOfFile
CreateToolhelp32Snapshot
CreateFileMappingA
SetFilePointer
TerminateProcess
VirtualProtectEx
ReadProcessMemory
GetCurrentProcess
CreateEventA
SetThreadPriority
CreateThread
GetCurrentProcessId
GlobalFree
IsBadReadPtr
OutputDebugStringA
GlobalLock
GlobalAlloc
GetTickCount
Process32First
Process32Next
CloseHandle
VirtualFree
MapViewOfFile
VirtualAlloc

user32

UnhookWindowsHookEx
FindWindowA
GetWindowThreadProcessId
SetWindowsHookExA
CallNextHookEx
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8de7590bec91e59a25debec0b9248759

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 14KB - Virtual size: 13KB

sdata Size: 512B - Virtual size: 260B

.reloc Size: 1024B - Virtual size: 896B

.text
Size: 14KB - Virtual size: 13KB

sdata
Size: 512B - Virtual size: 260B

.reloc
Size: 1024B - Virtual size: 896B