3a451d5d2035f47bd812a4c8a8d7c7f5_JaffaCakes118

General

Target

3a451d5d2035f47bd812a4c8a8d7c7f5_JaffaCakes118
Size

23KB
MD5

3a451d5d2035f47bd812a4c8a8d7c7f5
SHA1

263dca51ac3487e0eef4cf6fb73614551888e444
SHA256

60df6ac4e824da0f22206fe64b922bd89de759f400f76933f54b85794427722c
SHA512

3b40b3c1a86adb412886e6ad6f0225ba08bda30b1adbff4a13835435e1fba042ac6c16a2b4a61af7dfaf1311c3105f7c61f3487f4af7211c7887e3cff2a2da35
SSDEEP

384:drdj90FKXAWskOSSwtHjNqtcZJAlBbNcjivXn/fW6YqRqN8d:Dj9eKckOSfDNqukq2W3Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a451d5d2035f47bd812a4c8a8d7c7f5_JaffaCakes118

Files

3a451d5d2035f47bd812a4c8a8d7c7f5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f3ef703040a76b3d8e4df18b3216e21b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
OutputDebugStringA
Sleep
GetCurrentProcess
GetModuleHandleA
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesW
ReadProcessMemory
VirtualQueryEx
OpenProcess
DeleteFileA
GetTempPathA
GetTickCount
TerminateProcess
LoadLibraryA
GetProcAddress
CreateFileA
SetFilePointer
ReadFile
CloseHandle
GetFileSize
GetModuleFileNameA
CreateThread

user32

wsprintfA
GetDC
GetWindowRect
GetWindow
GetClassNameW

wininet

InternetCloseHandle

msvcrt

_strcmpi
free
strcpy
memset
malloc
strncpy
memcpy
_except_handler3
strrchr
strlen
strcat
_local_unwind2
strstr
_stricmp
fopen
strcmp
_vsnprintf
sprintf
??3@YAXPAX@Z
wcscmp
??2@YAPAXI@Z
ftell
fseek
mbstowcs
wcslen
wcsncat
wcscpy
wcsstr
exit
printf
rand
srand
time
strchr
atoi
_strupr

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup

gdi32

DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3ef703040a76b3d8e4df18b3216e21b

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

gdiplus

gdi32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB