351fcf9e1a3724377e28d9807be00dc5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

351fcf9e1a3724377e28d9807be00dc5_JaffaCakes118
Size

9KB
MD5

351fcf9e1a3724377e28d9807be00dc5
SHA1

c7825ee5b76976933b434b0c8567102810c2bc5b
SHA256

a90332235819740706565dfc69ad3235a597f9c94b3701125c57a02b8652a32e
SHA512

24e525be526cece4505186d601e607b2913f99baf8e37ec576fc355dd05286f204721522e115734d1e578246c9a558e8910640f2a68943afb81cce26e10acd40
SSDEEP

96:7AxViulQsGviVxiJcKkvHGonoS2B52BiHPqBB/tMFEI3KHnPp:72tOXvEiJctGxhWivUB/twraH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
351fcf9e1a3724377e28d9807be00dc5_JaffaCakes118

Files

351fcf9e1a3724377e28d9807be00dc5_JaffaCakes118
.dll windows:1 windows x86 arch:x86

4cafbadd33246edf99c72490ca95d229

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile

kernel32

ExitProcess
ExpandEnvironmentStringsA
GetEnvironmentStringsA
GetLocalTime
CloseHandle
MoveFileExA
OpenMutexA
CreateFileA
RtlUnwind
CreateMutexA
WinExec
WriteFile

user32

SetTimer
KillTimer
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
PostQuitMessage
CreateWindowExA
DestroyWindow
SetWindowPos
DefWindowProcA

gdi32

GetStockObject

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

crtdll

_fdopen
_itoa
_open_osfhandle
abs
atoi
fclose
fgets
fopen
fputs
free
_cexit
malloc
printf
raise
setbuf
strcpy

Exports

Exports

_LibMain@12
load

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 572B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 364B - Virtual size: 364B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cafbadd33246edf99c72490ca95d229

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

advapi32

crtdll

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 284B

.rdata Size: 84B - Virtual size: 84B

.data Size: 572B - Virtual size: 572B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 364B - Virtual size: 364B

.edata Size: 88B - Virtual size: 88B

.text
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 284B

.rdata
Size: 84B - Virtual size: 84B

.data
Size: 572B - Virtual size: 572B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 364B - Virtual size: 364B

.edata
Size: 88B - Virtual size: 88B