2ff4b58c07d8c93273265389430e7782_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ff4b58c07d8c93273265389430e7782_JaffaCakes118
Size

15KB
MD5

2ff4b58c07d8c93273265389430e7782
SHA1

1ce62909e274980198e87a892887ee0575b75421
SHA256

31252c3df586f98a8a061e6ebf6d0c0a3689650f77e1bba9e1595fee7d90997d
SHA512

27b33cacdb2b67140b9b26a978922413267cc3512aca5dfe401f5ac0157f3020bafe79deb66f08bf5c13403c2f9ec741fdbc6e8bb45d8139cd43449b0d9d58d7
SSDEEP

384:GuawciDaLrFpZTMtalzPzEXBwmgSjb9l:Ba5Ma/ataxLkymd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ff4b58c07d8c93273265389430e7782_JaffaCakes118

Files

2ff4b58c07d8c93273265389430e7782_JaffaCakes118
.dll windows:1 windows x86 arch:x86

bbd4e813fefa4f59e74153409026a066

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

urlmon

URLDownloadToFileA

wininet

InternetGetConnectedState

kernel32

ExitProcess
GetEnvironmentStringsA
CloseHandle
GetSystemDirectoryA
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
CopyFileA
OpenMutexA
CreateFileA
ReadFile
RtlUnwind
CreateMutexA
WriteFile
DeleteFileA

user32

SetTimer
KillTimer
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
CreateWindowExA
DestroyWindow
DefWindowProcA

gdi32

GetStockObject

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

crtdll

_fdopen
_open_osfhandle
atoi
atol
exit
fclose
feof
fgets
fopen
fputs
_cexit
malloc
memset
printf
raise
rand
setbuf
sprintf
srand
strcat
strcpy
strncpy
time

Exports

Exports

LibMain
_LibMain@12
load

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 808B - Virtual size: 808B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 112B - Virtual size: 112B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbd4e813fefa4f59e74153409026a066

Headers

File Characteristics

Imports

urlmon

wininet

kernel32

user32

gdi32

advapi32

crtdll

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.bss Size: - Virtual size: 6KB

.rdata Size: 84B - Virtual size: 84B

.data Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 808B - Virtual size: 808B

.edata Size: 112B - Virtual size: 112B

.text
Size: 7KB - Virtual size: 7KB

.bss
Size: - Virtual size: 6KB

.rdata
Size: 84B - Virtual size: 84B

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 808B - Virtual size: 808B

.edata
Size: 112B - Virtual size: 112B