28ecd6a35d90b7fb3c8fa05c2a7874ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28ecd6a35d90b7fb3c8fa05c2a7874ef_JaffaCakes118
Size

104KB
MD5

28ecd6a35d90b7fb3c8fa05c2a7874ef
SHA1

8ebd6347a3429c09f95bc3016ed274aa6836f000
SHA256

970629431b809b782b32b9f6f1a5525aca2bce70a3affc428f58c3cebede4d96
SHA512

ca64f7d07ec7027d9d394caafa7efb1f6ab9be582df18d120ad286e65a0e274d261bb406c0fcddd5ef58cd1703403c1452dd93c4511d19ad91e9c05193d7af3a
SSDEEP

3072:4aXT3jUNwQz1nsKjrEKtShDg8zSVEllIlcuVcgB3:93vQz1sKjQ0ShDg8s1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28ecd6a35d90b7fb3c8fa05c2a7874ef_JaffaCakes118

Files

28ecd6a35d90b7fb3c8fa05c2a7874ef_JaffaCakes118
.dll windows:4 windows x86 arch:x86

561af43a8c753dc67e6ad6a168c4b3a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
OutputDebugStringA
Sleep
MultiByteToWideChar
GetACP
WaitForSingleObject
CreateThread
CloseHandle
ReleaseMutex
CreateMutexA
DeleteFileA
VirtualFreeEx
LoadLibraryA
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
OpenProcess
MoveFileExA
SetFileAttributesA
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetFileTime
CreateFileA
WideCharToMultiByte
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
VirtualQueryEx
ReadProcessMemory
HeapAlloc
GetProcessHeap
GetSystemInfo
GetSystemDirectoryA
GlobalMemoryStatus
GetLongPathNameA
GetTempPathA
GetLocalTime
VirtualProtectEx
FreeLibrary
TerminateProcess
WriteFile
ReadFile
PeekNamedPipe
CreatePipe
GetTickCount
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLastError
FormatMessageA
GetModuleFileNameA
GetShortPathNameA
GetCurrentProcess
CreateProcessA
GetVersionExA
DeleteCriticalSection
SetFileTime
InitializeCriticalSection
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
SetFilePointer
FlushFileBuffers
SetStdHandle
GetOEMCP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
ExitProcess
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
InterlockedExchange
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
VirtualProtect

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
LsaNtStatusToWinError
RegDeleteKeyA
RegQueryValueExA
RegRestoreKeyA
RegOpenKeyExA
RegSaveKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA

ws2_32

sendto
htonl
WSASocketA
listen
accept
WSAGetLastError
connect
closesocket
setsockopt
WSAStartup
select
socket
inet_addr
htons
bind
WSAIoctl
WSACleanup
gethostname
gethostbyname
inet_ntoa
recv
send

urlmon

URLDownloadToFileA

wininet

GetUrlCacheEntryInfoA

psapi

EnumProcessModules
GetModuleFileNameExA

Exports

Exports

install
uninstall

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

561af43a8c753dc67e6ad6a168c4b3a5

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

urlmon

wininet

psapi

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 22KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 22KB

.reloc
Size: 8KB - Virtual size: 6KB