3f98c646f16650c8949ffc55161ef051_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f98c646f16650c8949ffc55161ef051_JaffaCakes118
Size

50KB
MD5

3f98c646f16650c8949ffc55161ef051
SHA1

33e4e5f61d5b2236621dab300ed4d40bc8e8d5f8
SHA256

18df4b3940aa5504e5b5b18e294323ce84012dee0adcfa9059df959dd73a0c1d
SHA512

7dc74ca3bddb3986dd1059f07dd768281cdc0d3f45695f095deb63eb57df356f990c75e25177a11eba19f76d7dc28f463b12eff0ea2d870485806d216ef226e9
SSDEEP

1536:L4XIGM+8/Bklrd6RrejN9Sn3If6WaJFeep6bD:atXOQjN9S3ISWaDp6bD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f98c646f16650c8949ffc55161ef051_JaffaCakes118

Files

3f98c646f16650c8949ffc55161ef051_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
DeleteUrlCacheEntryA
HttpQueryInfoA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpSendRequestW
InternetSetOptionW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
InternetOpenW
InternetConnectW
DeleteUrlCacheEntryW

ntdll

_chkstk
strncpy
memcpy
memset

gdiplus

GdipGetImagePalette
GdipCloneImage
GdipDrawImageI
GdipFree
GdipGetImageGraphicsContext
GdiplusStartup
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits

kernel32

CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetExitCodeThread
lstrcpynA
lstrcatA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
MoveFileExW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedExchange
CreateFileMappingW
MapViewOfFile
lstrcmpiA
FreeLibrary
UnmapViewOfFile
lstrcmpW
Sleep
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
LockResource
ExpandEnvironmentStringsW
CreateFileW
WriteFile
CreateThread
GetModuleFileNameW
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTempFileNameW
CopyFileW
LocalAlloc
LocalFree
CreateDirectoryW
GetStartupInfoW
GetFileSize
DeleteFileW
ReadFile
SetFilePointer
lstrlenW
GetModuleFileNameA
GetModuleHandleExW
WaitForSingleObject
GetCurrentThreadId
CreateEventW
LoadLibraryW
lstrcatW
lstrcpyA
GetTickCount
lstrlenA
SetEvent
lstrcpyW
WriteProcessMemory
VirtualProtect
GetLocalTime

user32

ToAscii
GetKeyboardState
GetWindowTextW
SetWindowsHookExA
PostThreadMessageW
GetMessageW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx
wsprintfW
wsprintfA
IsCharAlphaNumericW
GetClassNameW

gdi32

GetStockObject
CreateDIBSection
SetDIBColorTable
GetPixel
SelectObject
GetObjectW
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyExW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal

Exports

Exports

AetModuleFileNameExA
AetModuleFileNameExW
GetStockObject

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

File Characteristics

Imports

wininet

ntdll

gdiplus

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB