347eba9fd3320d2e619a803742c96535_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

347eba9fd3320d2e619a803742c96535_JaffaCakes118
Size

17KB
MD5

347eba9fd3320d2e619a803742c96535
SHA1

41ed2bd8dda935cd61ee05221dc9973279d391ed
SHA256

c4909eb92e4a3e7036c43128792d0ed8f7bbf4ae7fa2eb650b2b44ae82ed76b8
SHA512

016b56218bff36137950f19aa6da1be84a3b42ce195b6f752ae432fd50fdad271562e2d95d8d51273b4339dc5d38692abe0cabfe0974925b52b867ccae538efb
SSDEEP

384:hU3S+0Mm6OpICtXgbskqutuDLyvIoYEgmV+geo8Nvz9:hU3S+0F63Iesj6sJoYZWPeBb9

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Inject.exe
unpack001/InjectDLL.dll

Files

347eba9fd3320d2e619a803742c96535_JaffaCakes118
.rar
Inject.c
Inject.dev
Inject.exe
.exe windows:4 windows x86 arch:x86

3b76f099f898cd5bee354a75d064399e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CloseHandle
CreateRemoteThread
CreateToolhelp32Snapshot
ExitProcess
FindAtomA
GetAtomNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetVersion
OpenProcess
Process32First
Process32Next
SetUnhandledExceptionFilter
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WriteProcessMemory

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
exit
fflush
fprintf
free
malloc
printf
scanf
signal
strcat
strlen
strrchr
system

user32

MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
InjectDLL.c
InjectDLL.dev
InjectDLL.dll
.dll windows:4 windows x86 arch:x86

9876380c027742114bbafaf77cd57d38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateFileA
FindAtomA
GetAtomNameA
GetCurrentProcess
GetLocalTime
GetModuleHandleA
GetProcAddress
Sleep
VirtualProtectEx

msvcrt

__dllonexit
_errno
_iob
abort
fclose
fflush
fopen
fprintf
fputc
free
fwrite
malloc
memcpy
sscanf
strlen

user32

MessageBoxA
wsprintfA

ws2_32

WSAStartup
send

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 304B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InjectDLL.h

Sharing

General

Malware Config

Signatures

Files

3b76f099f898cd5bee354a75d064399e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 64B

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 176B

.idata Size: 1KB - Virtual size: 1KB

9876380c027742114bbafaf77cd57d38

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ws2_32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 128B

.rdata Size: 1024B - Virtual size: 624B

.bss Size: - Virtual size: 304B

.idata Size: 1024B - Virtual size: 968B

.reloc Size: 512B - Virtual size: 452B

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 64B

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 176B

.idata
Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 128B

.rdata
Size: 1024B - Virtual size: 624B

.bss
Size: - Virtual size: 304B

.idata
Size: 1024B - Virtual size: 968B

.reloc
Size: 512B - Virtual size: 452B