5baa143f6dfd5ab1c628aa40c1b72624_JaffaCakes118

General

Target

5baa143f6dfd5ab1c628aa40c1b72624_JaffaCakes118
Size

27KB
MD5

5baa143f6dfd5ab1c628aa40c1b72624
SHA1

27a4d94c6d7b3b92d2d749153c5fe11ac329dc5e
SHA256

772ec85ba4be829f1511aca49b5ea6973e9210221df0915ab6fad1ab62faffb0
SHA512

41cdbf622f4e44ee95ba9315dce279e5f6d596a1d25bc9f79b67afa9c0d1a4dc4c20ff57a505d8e1d6b96e3b75cab4918196c35b4872abb18c8fea519661d60d
SSDEEP

384:i56d+goODriBkmGSmlxYCcWyiwj/G4VHKdPu2Rndq5qhTiASc6j:i56d0OmGrYZXiS+4AdPu2RndORck

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5baa143f6dfd5ab1c628aa40c1b72624_JaffaCakes118

Files

5baa143f6dfd5ab1c628aa40c1b72624_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f722d573339ab7932f4a672deb415f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
TerminateProcess
OpenProcess
Sleep
WriteFile
WritePrivateProfileStringA
TerminateThread
GetFileAttributesW
ReadProcessMemory
VirtualQueryEx
WideCharToMultiByte
GetLastError
FindClose
FindFirstFileA
SetFilePointer
GetPrivateProfileIntA
GetModuleHandleA
VirtualProtect
GetTempPathA
CreateFileA
GetFileSize
ReadFile
CloseHandle
CreateThread
DeleteFileA
lstrcpynA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
OutputDebugStringA
GetProcessHeap
HeapAlloc
GetModuleFileNameA

user32

GetClassNameW
wsprintfA
GetWindow

msvcrt

strrchr
sprintf
strncpy
strstr
_except_handler3
wcslen
wcsncat
wcscpy
wcsstr
exit
printf
_itoa
_stricmp
strcmp
_vsnprintf
_initterm
_adjust_fdiv
strcat
memcpy
strlen
mbstowcs
??2@YAPAXI@Z
wcscmp
??3@YAXPAX@Z
malloc
memset
strcpy
_strcmpi
_strupr
free

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
CreateDCA
GetDeviceCaps
DeleteDC

wininet

InternetCloseHandle

iphlpapi

GetAdaptersInfo

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f722d573339ab7932f4a672deb415f7

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

gdi32

wininet

iphlpapi

gdiplus

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB