2470fa58824b56b48e8fbe2990f1bcc2_JaffaCakes118

General

Target

2470fa58824b56b48e8fbe2990f1bcc2_JaffaCakes118
Size

21KB
MD5

2470fa58824b56b48e8fbe2990f1bcc2
SHA1

f44182f66d6e799533e5270cad826e70756039fb
SHA256

c61e46062bf9b1bee1852d01d89f63c44c689d45f21e3c6c5406ffb1d7385538
SHA512

cbae10ff7769f23db6b351010aa6cf6dc1805f908243c6d04db05c2f36583b4685104088e0d96bc0e0ab61c32a97e62be450f009c21dba756ff6a19581cb3b07
SSDEEP

384:AcbqmoPtnDALYLcMsn840eMW/JY/1TbKdeJpCwxtSVxzcAwEuT5mdxUwSrbzVcNr:A+qmoPtnDOYLcMsn840eMW/JY/1TbKd2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2470fa58824b56b48e8fbe2990f1bcc2_JaffaCakes118

Files

2470fa58824b56b48e8fbe2990f1bcc2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

84523cd6d8f3fd93538499e94dcdb3e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SuspendThread
CreateDirectoryA
GetFileType
SetCurrentDirectoryA
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetTempFileNameA
GetTempPathA
MulDiv
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
DeleteFileA
FindNextFileA
WaitForSingleObject
CreateEventA
SetFilePointer
GetModuleFileNameA
InterlockedExchange
RtlUnwind
RemoveDirectoryA
lstrlenA
CreateProcessA
GetLastError
VirtualQuery
GlobalAlloc
lstrcpynA
lstrcpyA
WaitForMultipleObjects
GlobalFree

user32

RegisterWindowMessageA
SetWindowLongA
SetDlgItemTextA
MessageBoxA
wsprintfA
CallWindowProcA
DestroyWindow
EnableWindow
CharLowerBuffA
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
SendMessageA
FindWindowExA
GetDlgItem
GetFocus
IsWindowVisible
ShowWindow
SetWindowTextA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegEnumValueA
RegQueryValueExA

wininet

InternetConnectA
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetSetFilePointer
InternetCrackUrlA
FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
HttpOpenRequestA
HttpSendRequestA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

download
getidex
skipcomponents

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84523cd6d8f3fd93538499e94dcdb3e4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

version

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 612B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 612B

.reloc
Size: 2KB - Virtual size: 1KB