05916e434ca6bc3a5d08310c15c72839_JaffaCakes118

General

Target

05916e434ca6bc3a5d08310c15c72839_JaffaCakes118
Size

16KB
MD5

05916e434ca6bc3a5d08310c15c72839
SHA1

55f13deee4ffc652a51d0cf8affd33e87c28e338
SHA256

db952761f0265c905a89528510303a764d3f35088c8c6b9770eaffafb9f41bde
SHA512

a9e202cf2787c7a70cf63139528b280d2cdbe1118bdf1e93b3d7b4489091172890a87ecc48391b852b5923fb62e12dabe21d670e9b28909055c44121d6678bb8
SSDEEP

384:NjPwjZ/1e0e7eEe1eQsFN3+LTXIuBBQARQkIlL838:Nj627KroQukLTXfBBQARQkIlL4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05916e434ca6bc3a5d08310c15c72839_JaffaCakes118

Files

05916e434ca6bc3a5d08310c15c72839_JaffaCakes118
.dll windows:4 windows x86 arch:x86

409cd6ec687c0f1d292b6640b58399be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA

user32

wsprintfA
SendMessageA
PostMessageA
SetWindowLongA
GetWindowLongA
GetWindowThreadProcessId
GetWindowTextA
CallWindowProcA
KillTimer
SetTimer
EnumWindows

ws2_32

inet_ntoa

msvcrt

malloc
_adjust_fdiv
free
memcpy
memcmp
memset
_initterm

kernel32

RtlZeroMemory
IsBadWritePtr
VirtualQueryEx
VirtualProtectEx
lstrlenW
WideCharToMultiByte
LoadLibraryExW
WriteProcessMemory
lstrcpynA
lstrlenA
VirtualAlloc
GetCurrentProcess
ReadProcessMemory
VirtualFree
EnterCriticalSection
lstrcpyA
LeaveCriticalSection
lstrcmpiA
GetCurrentProcessId
GetFileAttributesA
MoveFileA
InitializeCriticalSection
GetModuleFileNameA
lstrcatA
GetPrivateProfileStringA
lstrcmpA
GetProcAddress
CreateThread
DeleteCriticalSection
GetExitCodeThread
TerminateThread
CloseHandle
GetModuleHandleA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

409cd6ec687c0f1d292b6640b58399be

Headers

File Characteristics

Imports

wininet

user32

ws2_32

msvcrt

kernel32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 69KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 69KB

.reloc
Size: 1KB - Virtual size: 1KB