429173c0a5d4bac955f8dd00d7d357dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

429173c0a5d4bac955f8dd00d7d357dc_JaffaCakes118
Size

48KB
MD5

429173c0a5d4bac955f8dd00d7d357dc
SHA1

f6c33786547c588fae3f14ab7ce3fae2654b67f8
SHA256

bf174baef256dcd3665d6d81a53adb91eb5359cba9ac74bddc39d2d16d806558
SHA512

cc8e7373ded7f533ffce574453ca2734d0cd799f70f2f1afbbf85b6d1c503bf8e2b54fdf49c75f4138909c784b1ec60b13d82c47bc8c221662d4fd9a90190462
SSDEEP

768:U8d/V8FKjoJxEMqWEFatLCaiJ/0AOAxK4+Ax0n3Pq0sbfjT:Dd/2FK2xvqWEFatLdA/xOY1+YmS0sbfv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
429173c0a5d4bac955f8dd00d7d357dc_JaffaCakes118

Files

429173c0a5d4bac955f8dd00d7d357dc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

12e58bad116878744abf5ae92c54b3eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetProcAddress
WriteProcessMemory
GetCurrentProcess
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetModuleHandleA
GetSystemInfo
Sleep
lstrlenA
GetTickCount
VirtualQuery
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DisableThreadLibraryCalls
lstrcmpiA
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
HeapReAlloc
HeapAlloc
ExitProcess
TerminateProcess
HeapSize
TlsFree
SetLastError
TlsGetValue
GetLastError
TlsAlloc
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

user32

UnhookWindowsHookEx
SetWindowsHookExA
GetActiveWindow
GetForegroundWindow
SendMessageA
CallNextHookEx

imagehlp

ImageDirectoryEntryToData

Exports

Exports

GetLastTickCount
KeyHookProc
Load
MouseHookProc
RemoveHook
SetHook
SetOpt

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12e58bad116878744abf5ae92c54b3eb

Headers

File Characteristics

Imports

kernel32

user32

imagehlp

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4KB

.shared Size: 4KB - Virtual size: 36B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 36B

.reloc
Size: 4KB - Virtual size: 3KB