3a9654c954c0ee19e8359d6efa8f55c0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a9654c954c0ee19e8359d6efa8f55c0_JaffaCakes118
Size

72KB
MD5

3a9654c954c0ee19e8359d6efa8f55c0
SHA1

cf4028e7f11500b5c9a9fd2e0376a4d3bc42b30f
SHA256

3051ffe84cad75873379ec999a58208c0cb519c8122abb01db3249409b3c1da4
SHA512

1197a8b2a8243a46d08d93e4288ead9eea73cd46c2d0a82afd0ef92394ca1d5118ab52e2d7a2e3a09c500cc6897b6bf5c9e169e607b8e38a3247018f4fc3d966
SSDEEP

768:CTt1RNicLkIs+YTeSovO4Gk8oBt9FD83iB9AFqUqqZJu+clcMf:CTtwgs+YTejW9oygpflH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a9654c954c0ee19e8359d6efa8f55c0_JaffaCakes118

Files

3a9654c954c0ee19e8359d6efa8f55c0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

45194273e5e23169dd89eedbfab0d3bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
TerminateThread
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
FreeLibrary
LoadLibraryA
MoveFileA
GetProcAddress
GetModuleFileNameA
GetWindowsDirectoryA
MultiByteToWideChar
CreateEventA
GetCurrentThreadId
SetEvent
SetThreadPriority
WaitForMultipleObjects
DisableThreadLibraryCalls
GetLastError
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
MoveFileExA
GetVolumeInformationA
DeleteFileA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LeaveCriticalSection
RtlUnwind
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
EnterCriticalSection

user32

LoadStringA

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoCreateGuid

rpcrt4

RpcStringFreeA
UuidToStringA

wininet

InternetSetOptionA
InternetCloseHandle
InternetGetConnectedState
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
InternetOpenA
InternetOpenUrlA

Exports

Exports

GetId
GetVer
Start
Stop

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45194273e5e23169dd89eedbfab0d3bc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

rpcrt4

wininet

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 4KB