074d1cecc0c9845ca0af4de56e2fc4ef_JaffaCakes118

General

Target

074d1cecc0c9845ca0af4de56e2fc4ef_JaffaCakes118
Size

36KB
MD5

074d1cecc0c9845ca0af4de56e2fc4ef
SHA1

9635dfe7207c043344474f2f4d75c11ebeab3290
SHA256

0e777269f29f5e78d4e5bd026a7b413561a4ad976774825b452ecf130894dd58
SHA512

aa34dcc5e91028b30dc93cf56947aa3e11bc9c0447825610ee251511d2ea7bb5842e06b8d87ac7a92433534b52a973485f7c4bcef913dec4ff121e85080dbfd3
SSDEEP

384:PdWN2nh/Qs+Qs0Y2Tjzkv5MSiTTy5gzrzgn391hriULD6C7BvUc6WOpBQJJqIO:oknhXzs0RkvOzTTogzrzSLhF64Uc9TL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
074d1cecc0c9845ca0af4de56e2fc4ef_JaffaCakes118

Files

074d1cecc0c9845ca0af4de56e2fc4ef_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6884ddceda762ea715ca8c034d8dde42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

SendARP
GetIpForwardTable
GetAdaptersInfo
GetBestInterface

kernel32

ExitThread
GetModuleFileNameA
GetTickCount
GetVersionExA
Sleep
WaitForSingleObject
lstrlenA
CloseHandle
lstrcpyA
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
lstrcmpA
ExitProcess
WinExec
MoveFileA
LoadLibraryA
CreateFileW
GetVersion
GetLastError
WriteFile
DeviceIoControl
MultiByteToWideChar
TerminateThread
CreateFileA
CreateThread
lstrcatA

user32

wsprintfA
GetDesktopWindow

advapi32

OpenServiceA
StartServiceA
RegSetValueExA
OpenSCManagerA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
CreateServiceA

shell32

ShellExecuteA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetGetConnectedState
HttpSendRequestA

urlmon

URLDownloadToFileA

ws2_32

htons
WSAConnect
WSASocketA
WSAStartup
connect
bind
ioctlsocket
gethostbyname
gethostname
inet_addr
inet_ntoa
socket
recv
closesocket
shutdown
send

msvcrt

malloc
wcscpy
memset
rand
srand
strncpy
free
strstr
atoi
strchr
strtok
wcscat

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6884ddceda762ea715ca8c034d8dde42

Headers

File Characteristics

Imports

iphlpapi

kernel32

user32

advapi32

shell32

wininet

urlmon

ws2_32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 98KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 98KB

.reloc
Size: 4KB - Virtual size: 1KB