08f267716ba9f5a21ad8d07cf4c44577_JaffaCakes118

General

Target

08f267716ba9f5a21ad8d07cf4c44577_JaffaCakes118
Size

29KB
MD5

08f267716ba9f5a21ad8d07cf4c44577
SHA1

54dcbaccc98e3c83c073f872a4e11e12ad76fe09
SHA256

c9d7578a9f83e45e370730ac80973be420a94cd3b6e31abcf00ab06216a1b5e9
SHA512

2e966d2463c92b19518eae36f33914204ee268ba6c6ed35f23706015c8eee4708a6bad585227599c7e742f1ea5cf0078d57da4db4824585e5d6501a1e1c1f51b
SSDEEP

192:eK0le9QYsWLQjIusTusFMqyNK+DeCPOZQhUaElbAdg6SHo6ak6mAOuz:se6WLQRUFnl+DJm/Hug676av1R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f267716ba9f5a21ad8d07cf4c44577_JaffaCakes118

Files

08f267716ba9f5a21ad8d07cf4c44577_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a729be964ad21e65302977df9faa2331

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetTempPathA
GetWindowsDirectoryA
Sleep
CreateFileA
lstrcatA
ReadFile
GetCurrentProcessId
LocalAlloc
CreateThread
GetCommandLineA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
VirtualAlloc
Module32Next
Module32First
lstrlenA
VirtualProtect
CreateToolhelp32Snapshot
CloseHandle

user32

wsprintfA
EnumWindows
GetWindowThreadProcessId

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shlwapi

StrStrIA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

strstr
_except_handler3
strrchr
_purecall
__CxxFrameHandler
isprint
strncat
strcat
_itoa
??2@YAPAXI@Z
memset
strcpy
??3@YAXPAX@Z
strlen
memcpy

Exports

Exports

abgdtdtCharacterPlacement
fgfgerrrdBreak
n45fgfgMTextOut
n46hghseGDIWidthCache
nbgmjkotTextExtentExPoint
nbgtdtTextOut
nvbgtitControl

Sections

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a729be964ad21e65302977df9faa2331

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

msvcrt

Exports

Exports

Sections

.bss Size: - Virtual size: 16KB

.data Size: 13KB - Virtual size: 13KB

shard Size: 12KB - Virtual size: 11KB

.reloc Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 16KB

.data
Size: 13KB - Virtual size: 13KB

shard
Size: 12KB - Virtual size: 11KB

.reloc
Size: 2KB - Virtual size: 2KB