a253fc63884af53823ef3bf65fe42d7f_JaffaCakes118

General

Target

a253fc63884af53823ef3bf65fe42d7f_JaffaCakes118
Size

28KB
MD5

a253fc63884af53823ef3bf65fe42d7f
SHA1

33554519cdce0b524bb23752a8401a551a9ef577
SHA256

f73365ca37b307b4363a6e109a7815c7813ddcd72dea6307f21d4f4fb75f02b8
SHA512

5a42fb7998e7d6868dcd1d5b2508a2572ea8bdfdc1d7823c457e7592acc5bf80f35a0fe102af787c831b758084a67a2bcb9e988539f88bdae8fe65efd755706a
SSDEEP

768:FBlGEcGFS6dmaYjz/Kdzk+hs2Uu4Rm5KF:FmfeWKwF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a253fc63884af53823ef3bf65fe42d7f_JaffaCakes118

Files

a253fc63884af53823ef3bf65fe42d7f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

33d612a5f2ba14758e2675b5fcf5b91b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
DeleteFileA
ReadFile
GetFileSize
ReadProcessMemory
GlobalLock
GlobalAlloc
Sleep
GetModuleHandleA
GetCurrentProcessId
GetTempPathA
GetLastError
CreateMutexA
lstrcatA
GetModuleFileNameA
GetCurrentProcess
GetCurrentThreadId
Process32Next
Process32First
CreateToolhelp32Snapshot
WriteProfileStringA
CopyFileA
GetSystemDirectoryA
GetProcAddress
VirtualAllocEx
GetProfileStringA
DeviceIoControl
VirtualFreeEx
WaitForSingleObject
CreateFileA
OpenProcess
FreeLibrary
GlobalFree
LoadLibraryExA
ExitProcess
GetPrivateProfileStringA
VirtualProtectEx
LoadLibraryA
WriteProcessMemory
TerminateProcess
SetFilePointer
WriteFile
CloseHandle
TerminateThread
lstrlenA
GetComputerNameA
CreateRemoteThread
CreateThread

user32

GetWindowTextA
FindWindowA
GetForegroundWindow
GetWindowThreadProcessId

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA

msvcrt

_stricmp
sprintf
strncpy
strchr
memset
memcpy
memcmp
strstr
atoi
strrchr
strlen
??2@YAPAXI@Z
strcat
_strlwr
free
_initterm
malloc
_adjust_fdiv

wininet

InternetCloseHandle
InternetReadFile
InternetOpenA
InternetOpenUrlA

Exports

Exports

Install

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33d612a5f2ba14758e2675b5fcf5b91b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

wininet

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB