89135a5be01f3df311e357ee8bed2aac_JaffaCakes118

General

Target

89135a5be01f3df311e357ee8bed2aac_JaffaCakes118
Size

40KB
MD5

89135a5be01f3df311e357ee8bed2aac
SHA1

1af908165bbceb8d2f0bdd970d48df774e5ec44a
SHA256

1e89ba7d30bb829c33be1ee151265d88e9fbe0b66f805e804be42b1d0e6435b4
SHA512

cf3d1416e0dd22c82329298e07863d5aa30aa7e9c96792349411c6c3ab43b8f438d3522f12ad2c3a495e23961b13f4ed48f50b69f2fdae48bf438286f428cfb1
SSDEEP

768:H11p1yMQctpNDbdNu3+efYX60RMFYfWsTGy2PfSNM:H11plpNFNuRfX0uaeq59+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89135a5be01f3df311e357ee8bed2aac_JaffaCakes118

Files

89135a5be01f3df311e357ee8bed2aac_JaffaCakes118
.dll windows:4 windows x86 arch:x86

223e1ecd320d5d8aeecf4aa7d23f7a12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitThread
lstrlenA
FreeLibrary
GetProcAddress
GlobalFree
LoadLibraryExA
GlobalAlloc
Process32Next
Process32First
CreateToolhelp32Snapshot
LoadLibraryA
GetTickCount
lstrcpyA
GetPrivateProfileStringA
lstrcatA
GetTempPathA
GetPrivateProfileIntA
GetLocalTime
UnmapViewOfFile
MapViewOfFile
SetFileTime
GetLastError
SetFilePointer
CreateFileMappingA
GetFileTime
GetFileSize
SetFileAttributesA
GetFileAttributesA
MultiByteToWideChar
FindClose
lstrcmpiA
FindNextFileA
FindFirstFileA
ReadFile
VirtualAlloc
GetDriveTypeA
GetComputerNameA
WaitForSingleObject
TerminateThread
ReleaseMutex
OpenFileMappingA
GetModuleFileNameA
SetErrorMode
Sleep
DeleteFileA
CreateFileA
WriteFile
CloseHandle
WritePrivateProfileStringA
SetEndOfFile
lstrcpynA
RtlUnwind

user32

wsprintfA
CharUpperA
UnhookWindowsHookEx
KillTimer
SetTimer
CallNextHookEx
CharLowerA

ws2_32

WSAStartup
gethostbyname

advapi32

RegCloseKey
RegEnumKeyExA
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA

Exports

Exports

winresp2

Sections

.text
Size: 33KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Shared
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

223e1ecd320d5d8aeecf4aa7d23f7a12

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 64KB

.rdata Size: 2KB - Virtual size: 2KB

Shared Size: 512B - Virtual size: 144B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 33KB - Virtual size: 64KB

.rdata
Size: 2KB - Virtual size: 2KB

Shared
Size: 512B - Virtual size: 144B

.reloc
Size: 3KB - Virtual size: 2KB