427afc6a0ea8e55b1e5262bd195f3d86_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

427afc6a0ea8e55b1e5262bd195f3d86_JaffaCakes118
Size

25KB
MD5

427afc6a0ea8e55b1e5262bd195f3d86
SHA1

123a19fbd0c60a549ecea2517dc5e9a63949a5ee
SHA256

6b80e9f976b30e358da26ab6b04e8d0070afefed0ca7e7917e3726a1214659be
SHA512

25cd123046a7b62c2a98aa2df59a03152fd9091d476d16b291c3483832daa4505131ce4406064d3f487bee661bf9957c27eb7d4618b44503280f1117a6db3dd4
SSDEEP

384:T/OF/fUbDyzVtLRVX/BZlnDo+vdHedVv0c35DJtULrscIOd9jx4Z5Dg3K+w:Lq6cVtLRl/BPDoxVv0GeLrswH94DM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
427afc6a0ea8e55b1e5262bd195f3d86_JaffaCakes118

Files

427afc6a0ea8e55b1e5262bd195f3d86_JaffaCakes118
.dll windows:4 windows x86 arch:x86

57634f54466b2658b2a10e9dd29f34cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindNextFileA
GetDateFormatA
GetFileSize
GetLastError
GetLocalTime
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVolumeInformationA
CreateThread
GlobalFree
LoadLibraryA
LocalAlloc
LocalFree
ReadFile
ReleaseMutex
RemoveDirectoryA
SetFilePointer
Sleep
TerminateThread
VirtualProtect
WaitForSingleObject
WinExec
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateMutexA
CreateMailslotA
CreateFileA
GlobalAlloc
CloseHandle
FormatMessageA
LocalLock

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

ws2_32

closesocket
WSAStartup
connect
gethostbyname
gethostname
htons
inet_addr
listen
__WSAFDIsSet
recv
socket
shutdown
setsockopt
sendto
send
htonl
accept
select
WSASocketA
bind

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetGetConnectedState

urlmon

URLDownloadToFileA

ole32

CreateStreamOnHGlobal
CoInitialize

shlwapi

StrChrIA
StrTrimA
StrDupA
StrRChrA

user32

MessageBoxA
UnhookWindowsHookEx
ToAsciiEx
SetWindowsHookExA
GetWindowThreadProcessId
GetWindowTextA
CallNextHookEx
CharLowerA
CharUpperA
GetFocus
GetForegroundWindow
wsprintfA
GetKeyboardLayout
GetKeyboardState

rasapi32

RasEnumConnectionsA

Exports

Exports

MainFunc

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57634f54466b2658b2a10e9dd29f34cb

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

wininet

urlmon

ole32

shlwapi

user32

rasapi32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.bss Size: - Virtual size: 35KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.bss
Size: - Virtual size: 35KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB