5e592aae4f7ef4a37570b5da5366cc76_JaffaCakes118

General

Target

5e592aae4f7ef4a37570b5da5366cc76_JaffaCakes118
Size

10KB
MD5

5e592aae4f7ef4a37570b5da5366cc76
SHA1

2744833cd80a92fd64daee93b1bb76985c2b7282
SHA256

714d91f7b0d4ecb023c6ebaf836e8d16414f76f6c02963cefa21c7cffb11ccce
SHA512

e9bb1f77b7fe7a9304b3f11f84cd3ed313ef2fd9042ea4f48bee78d70dddd3e0f10e5e74ae2186d31e48851a8d0686af5013f0c5ce81020ae1cf72e17c115c69
SSDEEP

192:LVU1K8isgvwcmPpiFs91I+Wt6zXrY/qcVAzjnMlYU2:hU1K8isWw1YMWt6zXrYr4MN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e592aae4f7ef4a37570b5da5366cc76_JaffaCakes118

Files

5e592aae4f7ef4a37570b5da5366cc76_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8af14648e89ea911e9d1de78df591d21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalLock
GlobalUnlock
GlobalAddAtomA
Sleep
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
GetVersionExA
GetFileSize
CreateThread
CreateFileA
RtlFillMemory
CloseHandle

user32

GetForegroundWindow
GetMessageA
KillTimer
PostMessageA
FindWindowA
RegisterClassExA
SendMessageA
SetTimer
GetClassNameA
TranslateMessage
UnhookWindowsHookEx
WindowFromPoint
wsprintfA
CallNextHookEx
CreateWindowExA
PostQuitMessage
SetWindowsHookExA
FindWindowExA
DefWindowProcA
DispatchMessageA

wsock32

WSAStartup
WSACleanup
gethostbyname

shell32

ShellExecuteA

wininet

HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
HttpQueryInfoA
HttpOpenRequestA

advapi32

RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Exports

Exports

InstallHooks
UninstallHooks

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 937B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8af14648e89ea911e9d1de78df591d21

Headers

File Characteristics

Imports

kernel32

user32

wsock32

shell32

wininet

advapi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 937B

.reloc Size: 1024B - Virtual size: 674B

.text
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 937B

.reloc
Size: 1024B - Virtual size: 674B