47d84a5ab91db29a508bee0aab2fcb7a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

47d84a5ab91db29a508bee0aab2fcb7a_JaffaCakes118
Size

50KB
MD5

47d84a5ab91db29a508bee0aab2fcb7a
SHA1

7ba7803b935ff5cf27d85de63d7d7d3c79f76196
SHA256

7ffd80ca6bfd88a2b5df4be5cfedb2575d93debc6dea63941f71d35f20e03f7a
SHA512

7f94365998315295f1356d2c11f1cdbb0283d9df6bce3367ec87b43ea338db79e7ce79f85eaf90e5f94e008eea5a648e5b2191ea4eceaf3f8948c9ce622e26ab
SSDEEP

1536:L4XIGM+8/Bklrd6RrejN9Sn3If6WaJFeep6bA:atXOQjN9S3ISWaDp6bA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47d84a5ab91db29a508bee0aab2fcb7a_JaffaCakes118

Files

47d84a5ab91db29a508bee0aab2fcb7a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
DeleteUrlCacheEntryA
HttpQueryInfoA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpSendRequestW
InternetSetOptionW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
InternetOpenW
InternetConnectW
DeleteUrlCacheEntryW

ntdll

_chkstk
strncpy
memcpy
memset

gdiplus

GdipGetImagePalette
GdipCloneImage
GdipDrawImageI
GdipFree
GdipGetImageGraphicsContext
GdiplusStartup
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits

kernel32

CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetExitCodeThread
lstrcpynA
lstrcatA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
MoveFileExW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedExchange
CreateFileMappingW
MapViewOfFile
lstrcmpiA
FreeLibrary
UnmapViewOfFile
lstrcmpW
Sleep
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
LockResource
ExpandEnvironmentStringsW
CreateFileW
WriteFile
CreateThread
GetModuleFileNameW
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTempFileNameW
CopyFileW
LocalAlloc
LocalFree
CreateDirectoryW
GetStartupInfoW
GetFileSize
DeleteFileW
ReadFile
SetFilePointer
lstrlenW
GetModuleFileNameA
GetModuleHandleExW
WaitForSingleObject
GetCurrentThreadId
CreateEventW
LoadLibraryW
lstrcatW
lstrcpyA
GetTickCount
lstrlenA
SetEvent
lstrcpyW
WriteProcessMemory
VirtualProtect
GetLocalTime

user32

ToAscii
GetKeyboardState
GetWindowTextW
SetWindowsHookExA
PostThreadMessageW
GetMessageW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx
wsprintfW
wsprintfA
IsCharAlphaNumericW
GetClassNameW

gdi32

GetStockObject
CreateDIBSection
SetDIBColorTable
GetPixel
SelectObject
GetObjectW
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyExW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal

Exports

Exports

AetModuleFileNameExA
AetModuleFileNameExW
GetStockObject

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

File Characteristics

Imports

wininet

ntdll

gdiplus

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB