Static task: static1
Behavioral task: behavioral1
Sample: 233595fe694c3d230abb57253832cab5_JaffaCakes118.dll
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 233595fe694c3d230abb57253832cab5_JaffaCakes118.dll
Resource: win10v2004-20240508-en
General
Target: 233595fe694c3d230abb57253832cab5_JaffaCakes118
Size: 132KB
MD5: 233595fe694c3d230abb57253832cab5
SHA1: 3c7c98ed15bf9be2490ea82b295c22261b4e3429
SHA256: 4fd5252ad20ba2186092f03a5987b62cc676272323c50ef9237acfacd024caca
SHA512: 39a0bf4e940f95d15e21ab810a8318cb2385fd90718b295e674bf13f01e291c54e413f1a5b645aa0ed057683dfef1c66f5cfd01ee3a5c872ca9544ba62a38f28
SSDEEP: 3072:1qVtaXtbs2jd0i+kwsDG2UYzGbavT5E4:ao1h+kZy2bqavq4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 233595fe694c3d230abb57253832cab5_JaffaCakes118
Files
233595fe694c3d230abb57253832cab5_JaffaCakes118.dll windows:5 windows x86 arch:x86
586c814c386fa9a4d65f00aa05fce8e6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
ws2_32
WSAStartup
closesocket
WSASetLastError
gethostbyname
ioctlsocket
connect
select
htons
recv
socket
send
WSASetEvent
WSAGetLastError
ntohs
shutdown
shlwapi
StrCatW
wnsprintfA
StrChrA
PathAddBackslashW
StrStrIW
PathFileExistsW
StrStrA
StrCmpNIA
StrCpyW
StrCmpNA
PathAddBackslashA
StrNCatA
StrStrIA
wininet
InternetTimeFromSystemTimeA
InternetOpenUrlA
InternetConnectA
InternetCrackUrlA
InternetReadFile
InternetSetOptionW
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetCanonicalizeUrlA
kernel32
MultiByteToWideChar
LCMapStringA
HeapSize
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
RtlUnwind
RaiseException
VirtualFree
Sleep
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
CloseHandle
CreateThread
lstrlenA
lstrcpynA
GetTickCount
IsBadWritePtr
lstrcatA
VirtualAlloc
DeleteFileW
GetSystemTime
lstrcpyA
FindFirstFileW
GetCommandLineA
InitializeCriticalSection
GetModuleFileNameW
GetTempPathW
FindClose
RemoveDirectoryW
FindNextFileW
CreateMutexW
GetLastError
lstrcmpA
LCMapStringW
InterlockedExchange
GetTempPathA
GetCurrentThread
LoadLibraryW
GetProcAddress
GetTempFileNameW
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
OpenProcess
TerminateProcess
OpenMutexW
SetLastError
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetCurrentProcessId
ExitProcess
GetComputerNameA
SystemTimeToFileTime
GetVolumeInformationA
VirtualQuery
VirtualProtect
InterlockedCompareExchange
GetCurrentThreadId
ResumeThread
FlushInstructionCache
GetThreadContext
SetThreadContext
SuspendThread
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
lstrcmpiA
advapi32
AdjustTokenPrivileges
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
LookupPrivilegeValueW
OpenThreadToken
OpenProcessToken
RegCloseKey
RegOpenKeyExA
shell32
SHGetSpecialFolderPathW
urlmon
ObtainUserAgentString
crypt32
CryptStringToBinaryA
Sections
.text Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ