3fce89cfbd70f4d03260c9768a316c04_JaffaCakes118

General

Target

3fce89cfbd70f4d03260c9768a316c04_JaffaCakes118
Size

21KB
MD5

3fce89cfbd70f4d03260c9768a316c04
SHA1

a34a7af51a69c8693d12527b7d10d1ba9cf6a40e
SHA256

a10f8c9bb23a967fce027672c5e678ddcdecf85ae15b659fbdd48d6d43fa6320
SHA512

8ab914cff28ea24f1365c6502f699aac5579afc8137f09ef23ac66fb03ded4059290429405571933fee47b6447499a4df6fad686079f9b794b2cdac188116059
SSDEEP

384:SZKc1Maj2tCj8wIiFeBsxM9QY5vheb/TV5MkhCTTdFA6:SZtdj2tCj8fiis+2YxheTTrMkh2TdFA6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fce89cfbd70f4d03260c9768a316c04_JaffaCakes118

Files

3fce89cfbd70f4d03260c9768a316c04_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5ad0b42adbb65f3bb9f446a44ca39eb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetVersionExA
ExitThread
TerminateThread
WaitForMultipleObjects
GetModuleFileNameA
GetLastError
ReadFile
CreateMailslotA
WaitForSingleObject
lstrcatA
CreateThread
GetSystemDirectoryA
CreateDirectoryA
GetTickCount
DeleteFileA
GetTempFileNameA
GetFileAttributesA
lstrlenA
HeapFree
lstrcpyA
OpenProcess
GetProcessHeap
SetFilePointer
CreateMutexA
ReleaseMutex
SetEndOfFile
CreateEventA
lstrcmpA
ResetEvent
CompareStringA
OutputDebugStringA
HeapAlloc
HeapReAlloc
CreateFileA
WriteFile
CloseHandle

user32

wvsprintfA
wsprintfA

advapi32

RegNotifyChangeKeyValue
CryptDestroyHash
CryptReleaseContext
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptDecrypt
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegSetValueExA
OpenProcessToken
CreateProcessAsUserA
RegQueryValueExA
RegCreateKeyExA
CryptDestroyKey

wininet

InternetGetConnectedState
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetConnectA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ad0b42adbb65f3bb9f446a44ca39eb1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB