2d07a0c0e47dd425f7afb4b661d6ecb1_JaffaCakes118

General

Target

2d07a0c0e47dd425f7afb4b661d6ecb1_JaffaCakes118
Size

28KB
MD5

2d07a0c0e47dd425f7afb4b661d6ecb1
SHA1

4ed95a3452bec83ae59ceeb5aea5e5ae6118b685
SHA256

51504211769261d90ddc8bc592eaace75bb8f219f4f27e15f4e483b89f53db43
SHA512

880a9a863e2fb2dc7fca7210b628e8f6f6716d38f2507c247b85b92119e645394bc10a3d69eb25dbf8e5c53abb5022eae6c2e5ef4502a8a5c54fb62485781b0a
SSDEEP

192:hiVKFvvZsNr5aaQMYsPVwSZWJtF4jOZoXgwCQKW39HQEb64DQdZ:hZANwSkJt+jmohCWx6FdZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d07a0c0e47dd425f7afb4b661d6ecb1_JaffaCakes118

Files

2d07a0c0e47dd425f7afb4b661d6ecb1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

89b427f0f5b571c30e3c80c00890a855

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetWindowsDirectoryA
GetProcAddress
Sleep
CreateFileA
lstrcatA
ReadFile
GetCurrentProcessId
GetModuleHandleA
LocalAlloc
CreateThread
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
Module32Next
Module32First
lstrlenA
OpenProcess
VirtualProtectEx
VirtualProtect
WriteProcessMemory
CreateToolhelp32Snapshot
CloseHandle

user32

wsprintfA

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shlwapi

StrStrIA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

strstr
_except_handler3
strrchr
_purecall
atoi
isprint
strncat
strcat
_itoa
??2@YAPAXI@Z
memset
strcpy
??3@YAXPAX@Z
strlen
memcpy

Exports

Exports

LrwerwIWidthCache
dfverterextOut
rwerwawrdBreak
tyhtygdrtExtentExPoint

Sections

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89b427f0f5b571c30e3c80c00890a855

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

msvcrt

Exports

Exports

Sections

.bss Size: - Virtual size: 16KB

.data Size: 13KB - Virtual size: 13KB

shard Size: 12KB - Virtual size: 11KB

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 16KB

.data
Size: 13KB - Virtual size: 13KB

shard
Size: 12KB - Virtual size: 11KB

.reloc
Size: 2KB - Virtual size: 1KB