4728350a11ee3a90f0c9427c10cafaba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4728350a11ee3a90f0c9427c10cafaba_JaffaCakes118
Size

72KB
MD5

4728350a11ee3a90f0c9427c10cafaba
SHA1

987046885706407a004ad2dfc95b355e2bc2a427
SHA256

c058c1fdd71397adf50d3e29a7a605e9f92627e2a9af29a000801bf1c4bbae5c
SHA512

c12b4a209e2cf3ca583e36415a462e906378e3f3434593e67c64b37bd2d79921eaaaf34113c85e08f35a57e32ac8dbeb9f2ffc603b3958f47dea96f7c2e991dc
SSDEEP

1536:TLW3ks9A0zkyy9tTxWpwLArpHgpAsxoQ:TKUsNUSLABxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4728350a11ee3a90f0c9427c10cafaba_JaffaCakes118

Files

4728350a11ee3a90f0c9427c10cafaba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

29c82024129513994155795099942d25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateThread
GetExitCodeThread
WaitForSingleObject
GlobalFree
GlobalReAlloc
GlobalAlloc
GetVersionExA
CloseHandle
DisconnectNamedPipe
TerminateProcess
SetFileAttributesA
CreateThread
CreateProcessA
DuplicateHandle
GetCurrentProcess
ExitThread
GetLastError
ReadFile
PeekNamedPipe
WriteFile
GlobalSize
GetFileAttributesA
GetSystemDirectoryA
DeleteFileA
Sleep
GetTickCount
WaitForMultipleObjects
CreatePipe
DeleteCriticalSection
EnterCriticalSection
LCMapStringA
GetProcAddress
GetOEMCP
GetACP
MultiByteToWideChar
GetTimeZoneInformation
CreateFileA
GetCPInfo
SetStdHandle
GetEnvironmentStringsW
FlushFileBuffers
CompareStringW
CompareStringA
RtlUnwind
SetEndOfFile
LoadLibraryA
SetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
HeapAlloc
HeapFree
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
TlsAlloc
TlsSetValue
LeaveCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
SetFilePointer
SetHandleCount
GetCurrentThreadId
WideCharToMultiByte
GetEnvironmentStrings
TlsFree
TlsGetValue
FreeEnvironmentStringsA
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsW

user32

SetCursorPos
PeekMessageA
DispatchMessageA
TranslateMessage
GetDC
ReleaseDC
GetMessageExtraInfo
keybd_event
mouse_event
GetSystemMetrics

gdi32

RealizePalette
SelectPalette
GetDIBits
GetStockObject
DeleteObject
GetObjectA
SelectObject
CreateCompatibleBitmap
StretchBlt
CreateDCA
CreateCompatibleDC

shell32

ShellExecuteA

ws2_32

gethostbyname
setsockopt
recv
WSACleanup
WSAStartup
socket
inet_addr
htons
ioctlsocket
connect
closesocket
select
__WSAFDIsSet
WSAGetLastError
send

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29c82024129513994155795099942d25

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ws2_32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 11KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 4KB