36db9f63500791e44c6e3d0d2992b0d2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36db9f63500791e44c6e3d0d2992b0d2_JaffaCakes118
Size

30KB
MD5

36db9f63500791e44c6e3d0d2992b0d2
SHA1

611a575dd997e621b7a2699b64199c64520bef18
SHA256

3bbbd4ec3c7e5ea06c36cda437eda74d743a0021727ba4b379dfac89a078abeb
SHA512

559f7d74f6d4c1ecf733e41d795e57db15cc58d06c486944a95aae3305638c62f2744fe8b0410ebfc2e2195721af4f20b80dccb4aeb1d1bb13e3cf2490bd41f5
SSDEEP

384:cuwl2jwtnEFGzBYpq4CLgJBEvq2SDRYd8GMnSZebp95E4ZNtdp:cJnEFGuVCLpyjO2zbpw4Zvd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36db9f63500791e44c6e3d0d2992b0d2_JaffaCakes118

Files

36db9f63500791e44c6e3d0d2992b0d2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

88949dae1e986faa10e151107c200482

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance

wininet

HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetOpenA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

user32

GetMessageA
ShowWindow
DispatchMessageA
DefWindowProcA
CreateWindowExA
RegisterClassA
TranslateMessage
UpdateWindow

msvcrt

_strupr
malloc
_initterm
free
??3@YAXPAX@Z
_purecall
__CxxFrameHandler
??2@YAPAXI@Z
strstr
localtime
strncpy
atoi
time
strrchr
_stricmp
sprintf
_strnicmp
difftime
_adjust_fdiv

kernel32

GetTempFileNameA
WriteFile
GetVolumeInformationA
WritePrivateProfileStringA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
SetFileAttributesA
CopyFileA
GetPrivateProfileIntA
CreateDirectoryA
FindNextFileA
CreateProcessA
HeapAlloc
DeleteFileA
GetComputerNameA
ReadFile
FindFirstFileA
HeapSize
CreateFileA
GetFileType
GetFileSize
GetFileTime
FindClose
CompareFileTime
FileTimeToSystemTime
HeapReAlloc
MultiByteToWideChar
CreateFileMappingA
MapViewOfFile
OpenProcess
GetTickCount
Sleep
GetProcessHeap
HeapFree
GetModuleFileNameA
CreateMutexA
GetLastError
CloseHandle
CreateThread
TerminateThread

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88949dae1e986faa10e151107c200482

Headers

File Characteristics

Imports

shell32

ole32

wininet

advapi32

user32

msvcrt

kernel32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB