f5086aee369f4bdccba7d47330dae6df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5086aee369f4bdccba7d47330dae6df_JaffaCakes118
Size

18KB
MD5

f5086aee369f4bdccba7d47330dae6df
SHA1

83ed09ede6a73cffa2bd820c8297415f8037dbc7
SHA256

3fe9c670eaf378833aa2ed953f8cb88f33d1aedd50c94a9d83ea5faa445e5992
SHA512

39bb0845b062ed808f9424dc3b69f69f2ad38e1ba0e63fc419fbd681312d8a6b580f226fb837ca2d923d5800a69323ffe93519b340e232133d020d992d273536
SSDEEP

384:6SjVazRRVs4D8e5t+YjpKDMDeV6At+UladGSGKLAlzSA:Cs4D80VcwDeV6At+UMcSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5086aee369f4bdccba7d47330dae6df_JaffaCakes118

Files

f5086aee369f4bdccba7d47330dae6df_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f193f8becfa447e4441df5c10b4ebed5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
IsBadReadPtr
lstrcmpA
lstrcmpiA
Sleep
lstrcpyA
ExitProcess
lstrlenA
GetTickCount
lstrcpynA
WritePrivateProfileStringA
GetSystemTime
GetTempPathA
GetPrivateProfileStringA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
ReadFile
SetFilePointer
CreateFileA
CreateThread
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA

Exports

Exports

prkai
progof

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ