3cbfad17493509e20044538d132afa24_JaffaCakes118

General

Target

3cbfad17493509e20044538d132afa24_JaffaCakes118
Size

23KB
MD5

3cbfad17493509e20044538d132afa24
SHA1

a8ceb719b38ab2a33f9cbb88f453819ad70eee0b
SHA256

decc837e86c7457af6aa74dd951889ca1b9b16cb3a4ae8e9677711eacc9754de
SHA512

e502a980e162fa438dd9bc8bcef34964f74161a84592276a515a6a1818d9d36a0adb1aaaa26ff70fa9c9dd24e38ce7046a97c0fbcc8a2e03cc0ef7e4e91522ef
SSDEEP

384:70ew0kMFKd3u9Mx4ffDOKaNGE+p3hMyMmOCWio:70ewF9u64fiq3hMmOdl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cbfad17493509e20044538d132afa24_JaffaCakes118

Files

3cbfad17493509e20044538d132afa24_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d61616a963389f77b064ea909bc2a4e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
CreateRemoteThread
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
GetFileSize
ReadFile
GetModuleFileNameA
ReadProcessMemory
GetCurrentProcess
OutputDebugStringA
CopyFileA
CreateEventA
SetThreadPriority
CreateThread
IsBadReadPtr
GlobalFree
GlobalLock
GlobalAlloc
Sleep
ExitProcess
VirtualProtectEx
VirtualFree
OpenEventA
VirtualAlloc

user32

DeleteMenu
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

gdi32

DeleteObject

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d61616a963389f77b064ea909bc2a4e3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

Sections

.text Size: 20KB - Virtual size: 19KB

sdata Size: 512B - Virtual size: 512B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

sdata
Size: 512B - Virtual size: 512B

.reloc
Size: 1KB - Virtual size: 1KB