4a710dd766ee6d9ea745475bce9cfb40_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a710dd766ee6d9ea745475bce9cfb40_JaffaCakes118
Size

26KB
MD5

4a710dd766ee6d9ea745475bce9cfb40
SHA1

7e5b565f2de233df31c509d31f25c086f3fd82b7
SHA256

87ca82931a239a83db52c8122ed013858942ee03a784e710e0ad427e0ca261bc
SHA512

7be75f0a4cc9cb75aaa7ae21621253c12ca3f9422899c7cb940224638a7ea710a3fb0ff2528b9f1737f270ffb957f46f93317da43b38e1c3f7d6001efbbb658b
SSDEEP

768:yxo0y5bmiIEcPyDygAR/2a9ccuYPylySZ:yi06bmiI/PyDUMyC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a710dd766ee6d9ea745475bce9cfb40_JaffaCakes118

Files

4a710dd766ee6d9ea745475bce9cfb40_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f17ac8258bc27f26893aa59412f3dc41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
Sleep
lstrcmpA
ExitProcess
lstrcmpiA
lstrlenA
GetTickCount
lstrcpynA
GetModuleHandleA
VirtualAlloc
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ReadFile
CreateFileA
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA

Exports

Exports

DivxDecode
Hookoff
Hookon
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
ftsWordBreak

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ