16cc36adccc0408ca1eb3aa3bc6665b4_JaffaCakes118

General

Target

16cc36adccc0408ca1eb3aa3bc6665b4_JaffaCakes118
Size

16KB
MD5

16cc36adccc0408ca1eb3aa3bc6665b4
SHA1

714951bd0741592eb8448a494ca6d1b2fe3a79f5
SHA256

7baeb9bfb1068f93623721604fd6e164874ddef229cde095b05241ff16ec75be
SHA512

64fbf2bbc39fcf9b69a9711f957277ebf535a66c3fbbfd208c36c0b0ccdf020a091a3d6ab10c466109218965acc290b30a884b5e8fa80a38a55d6cfcfd9cca8c
SSDEEP

384:PzCPJrMucc4dSDPqK8Z3X+hBt2vY1Z3j:GP1YSDPqK85X+td15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16cc36adccc0408ca1eb3aa3bc6665b4_JaffaCakes118

Files

16cc36adccc0408ca1eb3aa3bc6665b4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a3f3269faf7dd6a2f3577fa66026f5c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
Sleep
GetCommandLineA
GlobalFree
GetModuleHandleA
GetCurrentProcess
GlobalLock
GlobalAlloc
GetPrivateProfileStringA
GetProcAddress
IsBadReadPtr
VirtualProtectEx
CreateThread
ReadProcessMemory

user32

SetWindowsHookExA
GetAsyncKeyState
ToAscii
CallNextHookEx
GetKeyboardState

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

msvcrt

strcat
_adjust_fdiv
malloc
_initterm
free
memset
strlen
strstr
memcpy
strrchr
strcpy
strcmp
_stricmp
sprintf
??2@YAPAXI@Z
strncpy

Exports

Exports

fa
fc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3f3269faf7dd6a2f3577fa66026f5c2

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 704B

sdt Size: 512B - Virtual size: 277B

.reloc Size: 1024B - Virtual size: 602B

0 Size: 5KB - Virtual size: 5KB

1 Size: 1024B - Virtual size: 1004B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 704B

sdt
Size: 512B - Virtual size: 277B

.reloc
Size: 1024B - Virtual size: 602B

0
Size: 5KB - Virtual size: 5KB

1
Size: 1024B - Virtual size: 1004B