83c3b71f3ec079ce6abe7cbce80347d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83c3b71f3ec079ce6abe7cbce80347d7_JaffaCakes118
Size

45KB
MD5

83c3b71f3ec079ce6abe7cbce80347d7
SHA1

db3d6a6699789c2ae07579dac7137ec75387cc6b
SHA256

fc231479b4bd14a4429fb6f2083f92345605c11488ff225f12e16f65f94d9b48
SHA512

598a3f2424ada3005e3cbc078622ac8c13ae205f37989b3e5138a1d1f93de5b98a0b5c88910d1de6ada3836e3b2a18b680fcd5c9028e83f4af79b005eea3d788
SSDEEP

384:pTX3ouNTB4REK2ffPoe1wMx+5AnaeSPHMPdGQaZH2kbI7dK53Hp2+MBen:pTXNTB4RExvofw+uzrPC12iIRKhANen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83c3b71f3ec079ce6abe7cbce80347d7_JaffaCakes118

Files

83c3b71f3ec079ce6abe7cbce80347d7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b8b53e61639513e56de4c8def5ac4b4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MoveFileExA
GetLocaleInfoA
AddConsoleAliasA
Process32First
SetEvent
MapUserPhysicalPages
GetTempPathA
SetLastError
GetCurrentThread
GetSystemTimeAdjustment
GetProcessId
IsValidCodePage
WaitForMultipleObjectsEx
HeapFree
SetStdHandle
OpenWaitableTimerA
DeleteAtom
GetThreadIOPendingFlag
GetFileSizeEx
VirtualFree
UnregisterWait
GetConsoleInputWaitHandle
lstrlenA
InterlockedDecrement
HeapDestroy
OpenMutexA
FindNextVolumeMountPointA
GetStartupInfoA
IsBadStringPtrA
SetFileAttributesA
VirtualAlloc
LocalReAlloc
HeapSize
GetFileAttributesA
CreateTimerQueueTimer
QueryPerformanceCounter
SetFilePointer
SetDefaultCommConfigA
CompareStringA
RequestDeviceWakeup
HeapLock
_hread
lstrlenA
LocalFlags
RequestWakeupLatency
GetSystemInfo
GetComputerNameA
GetThreadContext
PurgeComm
ReleaseSemaphore
VerifyVersionInfoA
ClearCommError
WriteConsoleA
FindNextFileA
IsValidLocale
GetPriorityClass
HeapQueryInformation
GetEnvironmentVariableA
IsBadCodePtr
SetConsoleScreenBufferSize
SetComputerNameExA
ResetEvent
FillConsoleOutputAttribute
GlobalCompact
GetExitCodeThread
WriteConsoleOutputCharacterA
GetStdHandle
GlobalDeleteAtom
WaitCommEvent
GetConsoleMode
Heap32ListNext
ReleaseMutex

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeBeginPeriod
timeGetTime

Exports

Exports

CreateMhulecatwe
Tuxskpf
EndIngmsls
GetMgqwoptnlip
Ykahaiyp
GetSxrkruqejq
Phspqdwga
Pkeguncphj

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8b53e61639513e56de4c8def5ac4b4e

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 3KB

.text Size: 16KB - Virtual size: 26KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 26KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB