89472101c4c2a2951b56998dd1fa5c78_JaffaCakes118

General

Target

89472101c4c2a2951b56998dd1fa5c78_JaffaCakes118
Size

12KB
MD5

89472101c4c2a2951b56998dd1fa5c78
SHA1

ee607d66bed64cc8ab8f2d5470dc42d606756b71
SHA256

f660ef424f18325e397a52ffdc99de174c40c829d001dbacf726bdb0ea6dc265
SHA512

f1a4d7be02bdec1c888fe0f61652ef1f9ecec3ffff28c82900f8b1562c5459ef9a1626d4ed14a135281494bb138db0e495fe97eab6b514c1eeeabd8e381b0d53
SSDEEP

192:+P/VjsJutSKAHGo7X7fVUV+LHB57pbRiCNDu85+AKAyL:S9vAHR7LKgLh9pu8oXz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89472101c4c2a2951b56998dd1fa5c78_JaffaCakes118

Files

89472101c4c2a2951b56998dd1fa5c78_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d2099510f2457d0d51a05d56936630dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
Sleep
GetFileSize
ReadFile
GetModuleFileNameA
VirtualProtectEx
ReadProcessMemory
GetProcAddress
GlobalFree
GlobalLock
GlobalAlloc
GetCurrentProcessId
CreateThread
IsBadReadPtr
CreateEventA
SetThreadPriority
OpenProcess
VirtualAllocEx
VirtualAlloc
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
VirtualFree
GetCurrentProcess

user32

DestroyCursor
CloseDesktop
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
GetDesktopWindow
GetDCEx
GetDC
GetCursor
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
DestroyIcon
DestroyMenu
DestroyWindow
DrawIcon
DrawIconEx
DrawMenuBar
GetWindowThreadProcessId
FindWindowA
GetWindowTextA
wsprintfA
PostThreadMessageA
GetMessageA
GetInputState

gdi32

CloseEnhMetaFile
Chord
DeleteObject

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2099510f2457d0d51a05d56936630dc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

Sections

.text Size: 9KB - Virtual size: 9KB

sdata Size: 512B - Virtual size: 260B

.reloc Size: 1024B - Virtual size: 694B

.text
Size: 9KB - Virtual size: 9KB

sdata
Size: 512B - Virtual size: 260B

.reloc
Size: 1024B - Virtual size: 694B