62ab91fba13a1705892c15faec731e7d_JaffaCakes118

General

Target

62ab91fba13a1705892c15faec731e7d_JaffaCakes118
Size

14KB
MD5

62ab91fba13a1705892c15faec731e7d
SHA1

c05fd71c84fcb2c4c6a8cfed2bae7c3a819768f7
SHA256

3a99e37c13e49066b0baf85853c9c5cbf08f98f376713d152d4f5c66198eae98
SHA512

11db7ab47c8cc0729efb9449818666e1af4c35e2c81c703fe0f91f16da8f5b68f3211c5fc568608acdbc6a2e9b21cf2a0b70bdc679e12bca0dd9c655611bfe17
SSDEEP

384:gp9FnsL4/xaYrHr4VR2EM0TIyySMyB2diGbY/:49JhWR2EMl5SMNiGb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62ab91fba13a1705892c15faec731e7d_JaffaCakes118

Files

62ab91fba13a1705892c15faec731e7d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

73f6c60b8b04b0689c083e714b03682b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
CreateRemoteThread
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
ExitProcess
ReadFile
GetModuleFileNameA
ReadProcessMemory
GetCurrentProcess
CopyFileA
OutputDebugStringA
CreateEventA
SetThreadPriority
CreateThread
Thread32Next
TerminateThread
GetThreadPriority
Thread32First
GetCurrentProcessId
GlobalFree
GlobalLock
GlobalAlloc
GetPrivateProfileStringA
VirtualProtectEx
VirtualFree
GetFileSize
VirtualAlloc

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetThreadDesktop
GetDC
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73f6c60b8b04b0689c083e714b03682b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 11KB - Virtual size: 11KB

sdata Size: 512B - Virtual size: 512B

.reloc Size: 1024B - Virtual size: 858B

.text
Size: 11KB - Virtual size: 11KB

sdata
Size: 512B - Virtual size: 512B

.reloc
Size: 1024B - Virtual size: 858B