8985217795e88944b5c75735ed938a59_JaffaCakes118

General

Target

8985217795e88944b5c75735ed938a59_JaffaCakes118
Size

18KB
MD5

8985217795e88944b5c75735ed938a59
SHA1

2c8217a363453219b9454c72b4d72730b3a21cf7
SHA256

3b7f1d051df04cd81b3b95a5dae0e6a0d2767454c12c40b2ef7f902b0fd4980b
SHA512

fe64a34d04a33f094398f47fbb9fc576209caef36dc8bc53275878845bc6a1af611e4f08ff6c34d2541c7641ba273c79cdfc1112651aaea75261d0994845cf19
SSDEEP

384:ZRuRI7UtPuo/cclOABdAMacqaBNabGm3kkByra:7tyPuoEeB1aZqNFm3ira

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8985217795e88944b5c75735ed938a59_JaffaCakes118

Files

8985217795e88944b5c75735ed938a59_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0b6df36de289d237531081e8b58e17c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recv
gethostbyname
send
inet_addr
WSAStartup
ioctlsocket
htons
socket
connect
WSACleanup
closesocket

user32

EmptyClipboard
SetClipboardData
SetForegroundWindow
OpenClipboard
CloseClipboard
VkKeyScanA
keybd_event
ShowWindow
BlockInput
SetFocus

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA

msvcrt

_CxxThrowException
strtok
memcpy
strcpy
strlen
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
sprintf
strstr
malloc
strcat
rand
srand
memset
fclose
fwrite
fopen
??1type_info@@UAE@XZ
free
_initterm
_adjust_fdiv
__dllonexit
_onexit

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysStringLen
SysFreeString
VariantInit
VariantClear
GetErrorInfo

kernel32

LocalFree
lstrlenA
MultiByteToWideChar
DisableThreadLibraryCalls
CreateMutexA
GetLastError
CreateFileA
CloseHandle
GetProcAddress
GlobalUnlock
lstrcmpiA
CreateProcessA
GetTickCount
GetLocaleInfoA
Sleep
ExitThread
InterlockedDecrement
GlobalAlloc
GlobalLock
LoadLibraryA
CreateThread
WideCharToMultiByte

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b6df36de289d237531081e8b58e17c7

Headers

File Characteristics

Imports

wsock32

user32

advapi32

wininet

msvcrt

ole32

oleaut32

kernel32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB