473bb9ca760c347cb484d2457ec22362_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

473bb9ca760c347cb484d2457ec22362_JaffaCakes118
Size

39KB
MD5

473bb9ca760c347cb484d2457ec22362
SHA1

a340e738989ce1f926208151b314629e744449e9
SHA256

506e5a95e6519213446319ae7d20c711527b06aa2329adbf07348104ee62b323
SHA512

c0cfacb3c9999224cfd7217f42c87d7fac2a8f19136daa4a9d4709440a457547ec132ab93a6368d566545ab059ecdc0bc6c52d0ea779c998399e1b353b2b4b5a
SSDEEP

768:1AE940v+122hNOkJS8JKZsvV/u6WxZDcOalwU1TwDJ:OE+NV5v4FZM9m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
473bb9ca760c347cb484d2457ec22362_JaffaCakes118

Files

473bb9ca760c347cb484d2457ec22362_JaffaCakes118
.dll windows:1 windows x86 arch:x86

b61c26f52d1bb9bc470e2c8703aaa07e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

iphlpapi

GetTcpTable

kernel32

DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
GetEnvironmentStringsA
GetLocalTime
CloseHandle
CopyFileA
LocalAlloc
LocalFree
OpenMutexA
OutputDebugStringA
RtlUnwind
CreateFileA
Sleep
WinExec
WriteFile
CreateMutexA
lstrcatA
lstrcpyA

user32

SetTimer
KillTimer
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
RegisterClassA
PostQuitMessage
CreateWindowExA
DestroyWindow
SetWindowPos
DefWindowProcA

gdi32

GetStockObject

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

crtdll

_fdopen
_iob
_itoa
_open_osfhandle
_strnicmp
atoi
fclose
feof
fgets
fopen
fputc
fputs
free
fwrite
_cexit
localeconv
malloc
memcpy
memmove
memset
pow
raise
setbuf
strcat
strchr
strcmp
strncmp
strncpy
strstr
strtol
wcslen
wctomb

Exports

Exports

_LibMain@12
load

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b61c26f52d1bb9bc470e2c8703aaa07e

Headers

File Characteristics

Imports

wininet

iphlpapi

kernel32

user32

gdi32

advapi32

crtdll

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.bss Size: - Virtual size: 2KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.edata Size: 88B - Virtual size: 88B

.text
Size: 28KB - Virtual size: 28KB

.bss
Size: - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB

.edata
Size: 88B - Virtual size: 88B