03567949e5e2b0b71b1af6522ccf5e6d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03567949e5e2b0b71b1af6522ccf5e6d_JaffaCakes118
Size

119KB
MD5

03567949e5e2b0b71b1af6522ccf5e6d
SHA1

7e7ca9687821091a6dc7df714abd0d71b3fe8d98
SHA256

790e9cd4ef665b30fba74cb5d1e1cebdf44e1e7e1f1351c1a2b12a3d52460f39
SHA512

08d48783bc9271083eb80ae9e39f45359936367468771e526b437d17f91278740210e9fe8bf6149f99a7a1cfa234b5bbaefefc1360ca55a55e80ac5c73829bd8
SSDEEP

1536:jR6lvMqqU+2bbbAV2/S2zmNrDbhYOYZQRaSTBlJ4sE5Tn6OlzzIhgZbIJoc7Xvj:6vMqqDL2/zKpnahQOugZ0Joc7b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03567949e5e2b0b71b1af6522ccf5e6d_JaffaCakes118

Files

03567949e5e2b0b71b1af6522ccf5e6d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

308c8d7f1030fdbd6b3d70edc6684e78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
lstrcpyA
FindClose
FindNextFileA
FindFirstFileA
lstrcpynA
ExpandEnvironmentStringsA
lstrcmpA
GetWindowsDirectoryA
ReleaseMutex
GetModuleHandleA
GetLastError
CreateMutexA
GetSystemTimeAsFileTime
lstrcatA
LeaveCriticalSection
Sleep
EnterCriticalSection
CreateThread
InitializeCriticalSection
DeleteCriticalSection
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec
CreateFileA
WriteFile
CloseHandle
GetFileTime
SetFileTime
lstrlenA
GetTickCount
GetSystemTime
FlushFileBuffers
GetStringTypeW
GetStringTypeA
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
VirtualFree
VirtualAlloc
IsBadWritePtr
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
RaiseException

user32

wsprintfA

advapi32

RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

shlwapi

PathFileExistsA
PathIsDirectoryA

wininet

InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetSetOptionA
InternetOpenA
InternetReadFile
HttpSendRequestA

Exports

Exports

Func
_DllMain@12
regReadString
regWriteString

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shrd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

308c8d7f1030fdbd6b3d70edc6684e78

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 109KB

shrd Size: 512B - Virtual size: 12B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 109KB - Virtual size: 109KB

shrd
Size: 512B - Virtual size: 12B

.reloc
Size: 6KB - Virtual size: 6KB