8cee757b1a39403ab79ebdc9c0a7bea5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8cee757b1a39403ab79ebdc9c0a7bea5_JaffaCakes118
Size

125KB
MD5

8cee757b1a39403ab79ebdc9c0a7bea5
SHA1

331b2a9531c65f0c84d2c7d9cc5b3a4f315c6fad
SHA256

598b0ba4e71fcb9f983167413070cb36533d2340bae7b0aac03b8070d45cd7aa
SHA512

9235d314b794f5f866943bfb77f492eed7b88a2b1b9d37b1301148608c2cb5d2e0764cd140daa2db95e1b359588fc44b41512a285227a3b8c0e093cbf1097e80
SSDEEP

1536:Uj4WLL4ilTQMG8Uvt3s46AwSOMjTPasLNmCfBbBQbM5Ada:Uk6llTQMGtvt3s87Ln1ZbBgM5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cee757b1a39403ab79ebdc9c0a7bea5_JaffaCakes118

Files

8cee757b1a39403ab79ebdc9c0a7bea5_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c9d6476d23dc358a677cfdaeaff012bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

wnsprintfA
StrToIntA
StrStrA
StrCmpNIA
StrStrIA
StrCmpNA
StrNCatA

wininet

InternetReadFile
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetGetConnectedState
InternetCrackUrlA
HttpQueryInfoA

rpcrt4

UuidCreate
UuidToStringA

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetConsoleMode
lstrlenA
lstrcatA
lstrcpynA
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcmpA
HeapReAlloc
GetLastError
CreateThread
TerminateThread
SleepEx
CloseHandle
ReleaseMutex
HeapFree
WaitForSingleObject
CreateMutexA
Sleep
GetProcessHeap
ReadFile
GetFileSize
CreateFileA
WriteFile
lstrcmpiA
GetVolumeInformationA
GetComputerNameA
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FlushFileBuffers
HeapAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
InitializeCriticalSection
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleHandleA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
SetFilePointer
GetConsoleCP

advapi32

RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

NP_GetEntryPoints
NP_GetMIMEDescription
NP_Initialize
NP_Shutdown

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9d6476d23dc358a677cfdaeaff012bd

Headers

File Characteristics

Imports

shlwapi

wininet

rpcrt4

kernel32

advapi32

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 10KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 808B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 10KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 808B

.reloc
Size: 9KB - Virtual size: 9KB