06212e17e57f9557ab06cdd170c23fd0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

06212e17e57f9557ab06cdd170c23fd0_JaffaCakes118
Size

72KB
MD5

06212e17e57f9557ab06cdd170c23fd0
SHA1

e011511ae4c80f62cdfe4d7b79ee61721f770b78
SHA256

84fa87590c19dade1878fad03347c84e07e16f0558f6c014d634dd2ee0a7e10d
SHA512

08ba9418a095147336a03aeebf67f9f180a31efed2d1c38613fa9f5dc94eaf4d1cc21b1b469034b09b62a944b9c21643dec3ff1dfe41e30186040fa1564c0c39
SSDEEP

768:10AhACwJJPJtKkWLChV73pZtPTiXab05Adb0HXqtoZZJXTZGXIvzo9akf:10CsPJtKkWiNTIvydb03pbNov

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06212e17e57f9557ab06cdd170c23fd0_JaffaCakes118

Files

06212e17e57f9557ab06cdd170c23fd0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dbc3c4a3c5964f576b263324c6b63677

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
TerminateProcess
ReadFile
PeekNamedPipe
GetLastError
WaitForSingleObject
CloseHandle
GetStartupInfoA
CreatePipe
CreateProcessA
SetCurrentDirectoryA
GetCurrentDirectoryA
LoadLibraryW
ExpandEnvironmentStringsW
GlobalAlloc
DeleteFileA
CreateFileA
FindNextFileA
FileTimeToDosDateTime
FindFirstFileA
GetModuleFileNameW
OpenProcess
GetVersionExA
SetFileTime
SystemTimeToFileTime
WriteFile
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
CreateSemaphoreA
GlobalMemoryStatus
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExW
GetSystemInfo
GetDriveTypeA
GetDiskFreeSpaceExA
GlobalFree
ReleaseMutex
SetThreadPriority
CreateThread
CreateMutexW
CopyFileA
Sleep
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
HeapFree
HeapAlloc
GetFileType
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
SetFilePointer
SetStdHandle
SetEndOfFile
GetCurrentProcess
FlushFileBuffers
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW

advapi32

GetUserNameA

ws2_32

WSCEnumProtocols
WSASocketW
gethostname
recv
ioctlsocket
WSAGetLastError
select
send
socket
setsockopt
inet_addr
gethostbyname
closesocket
htons
connect
WSAStartup
WSACleanup
WSCGetProviderPath

Exports

Exports

RunDll32
WSPStartup

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbc3c4a3c5964f576b263324c6b63677

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 333KB

Shared Size: 4KB - Virtual size: 4B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 333KB

Shared
Size: 4KB - Virtual size: 4B

.reloc
Size: 8KB - Virtual size: 5KB