4283545183bd1598062d233e77b59660_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4283545183bd1598062d233e77b59660_JaffaCakes118
Size

64KB
MD5

4283545183bd1598062d233e77b59660
SHA1

7be3ca6dc9b6226a402382993698e36de14d374e
SHA256

6a93175638298ee354f5b55c5edca000bb486bd68a9fe6d5c16846e3f2542dc7
SHA512

6f78d1fd4a40a5f4d4d459c6d31d81c411b0bdd1fcbe3ca787aca7e9079e39acee70e6c1fb5facb3b83c8ef2c7fa11238c7e06fd5ea3249e58d0bf71cfe79e28
SSDEEP

1536:+DImV27wjNs/QZlZwlmgWpnf3rucXjwYz6IZw1PZ0R:BmVY64ZMBpnvru0wYz6IZw1PyR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4283545183bd1598062d233e77b59660_JaffaCakes118

Files

4283545183bd1598062d233e77b59660_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e579751c72c37ebea9aa87ec3d1a473b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord858
ord926
ord860
ord4277
ord4129
ord801
ord541
ord2841
ord2044
ord2107
ord3903
ord941
ord3663
ord2448
ord5450
ord5440
ord6383
ord6394
ord924
ord6467
ord1578
ord600
ord826
ord269
ord1243
ord1176
ord389
ord690
ord3229
ord6059
ord6057
ord5204
ord6058
ord5807
ord2393
ord5356
ord6869
ord1988
ord5861
ord540
ord939
ord6143
ord535
ord800
ord537
ord823
ord5834
ord825

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
_beginthreadex
_except_handler3
strrchr
srand
sscanf
_mbsrchr
atoi
rand
_mbschr
_mbsstr
_mbsicmp
_mbscmp
strtoul
sprintf
_mbsnbcpy
_strdup
__CxxFrameHandler
_mbsrev
_strcmpi

kernel32

GetLastError
lstrlenA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
CloseHandle
GetVersion
GetModuleHandleA
FreeLibrary
GetCurrentProcessId
OutputDebugStringW
ExitProcess
GetTickCount
LocalFree
GetCurrentProcess
GetModuleFileNameA
LocalAlloc

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA

shlwapi

UrlUnescapeA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e579751c72c37ebea9aa87ec3d1a473b

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

wininet

shlwapi

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 7KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 7KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 4KB - Virtual size: 2KB