967074d1537c4fa07f8c5f706c9e1de1_JaffaCakes118

General

Target

967074d1537c4fa07f8c5f706c9e1de1_JaffaCakes118
Size

13KB
MD5

967074d1537c4fa07f8c5f706c9e1de1
SHA1

8107e6488ce4aff44a12b069ec25f13f6a748436
SHA256

49cf4529b659ba26bc755fd89ae1a98007b3ca7b382f21bb81958352637ad531
SHA512

9569940a9f47de4c5928300b94a7d8a26e0c667f8fd6eacc355ac4f872bb704c423a3965dc7e59b5c7fba0ed38469d9cf736a1333a99d30efc043302555dbe12
SSDEEP

384:v5Ah9v1gR14Q73hboNsOR4NMyUEEBDlZ:vGhfQ73VAlgMfEEBJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
967074d1537c4fa07f8c5f706c9e1de1_JaffaCakes118

Files

967074d1537c4fa07f8c5f706c9e1de1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f712bd0b0e18813c766ff049a9015d81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
Sleep
GetFileSize
ReadFile
GetModuleFileNameA
GlobalFree
GlobalLock
GetProcAddress
VirtualProtectEx
ReadProcessMemory
GetCurrentProcess
IsBadReadPtr
GetWindowsDirectoryA
CreateEventA
SetThreadPriority
CreateThread
OutputDebugStringA
GetPrivateProfileStringA
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
VirtualFree
GlobalAlloc
VirtualAlloc

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
CloseDesktop
DestroyIcon
DestroyMenu
DestroyWindow
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

gdi32

CancelDC
CloseEnhMetaFile
Chord

advapi32

RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 786B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f712bd0b0e18813c766ff049a9015d81

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

Sections

.text Size: 10KB - Virtual size: 10KB

sdata Size: 512B - Virtual size: 260B

.reloc Size: 1024B - Virtual size: 786B

.text
Size: 10KB - Virtual size: 10KB

sdata
Size: 512B - Virtual size: 260B

.reloc
Size: 1024B - Virtual size: 786B