3cc4b63a3305465e7e7bf5d39a0f804e_JaffaCakes118

General

Target

3cc4b63a3305465e7e7bf5d39a0f804e_JaffaCakes118
Size

9KB
MD5

3cc4b63a3305465e7e7bf5d39a0f804e
SHA1

d355edef83b80e6f65315b3555792d4d06380f67
SHA256

881ead709bfb2fb2bc4c655bc47629c16ad34929ec11b27e222e06e13f0d869a
SHA512

8da618b56175b703bac1a7a37e35c4552314ccde55e9e5b7e9990c08267bb2aca49e5f28511092408a9a885d0ebd64d22677190e6cc84108ef6131252d54895d
SSDEEP

192:Mti3gVJmkdftHDjhCEkCEbWU8rOyX9l+phcTj1:M43gn3fZDQS2WU8rOyNl+jcP1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc4b63a3305465e7e7bf5d39a0f804e_JaffaCakes118

Files

3cc4b63a3305465e7e7bf5d39a0f804e_JaffaCakes118
.dll windows:3 windows x86 arch:x86

2b7abfd8db97cec1c96fb420a3b0be58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseMutex
SetFileAttributesA
VirtualAlloc
VirtualFree
WaitForSingleObject
WritePrivateProfileSectionA
CopyFileA
CreateEventA
CreateFileA
CreateProcessA
CreateThread
FreeLibrary
MoveFileA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetTickCount
LoadLibraryA
ResumeThread
SetErrorMode
SetEvent
Sleep
WriteFile
GetPrivateProfileSectionA
GetLastError
DeleteFileA
CreateMutexA
GetExitCodeProcess
CloseHandle

advapi32

RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

wsock32

send
recv
connect
closesocket
WSAStartup
socket
WSACleanup

user32

SetWindowsHookExA
PostMessageA
GetWindowThreadProcessId
FindWindowA
CallNextHookEx
UnhookWindowsHookEx

Exports

Exports

init

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shared
Size: 512B - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b7abfd8db97cec1c96fb420a3b0be58

Headers

File Characteristics

Imports

kernel32

advapi32

wsock32

user32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 62B

.data Size: 512B - Virtual size: 154B

.idata Size: 1KB - Virtual size: 1KB

shared Size: 512B - Virtual size: 281B

.reloc Size: 512B - Virtual size: 260B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 62B

.data
Size: 512B - Virtual size: 154B

.idata
Size: 1KB - Virtual size: 1KB

shared
Size: 512B - Virtual size: 281B

.reloc
Size: 512B - Virtual size: 260B