a30980a46911642cb9ff4c0d9f31bdb1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a30980a46911642cb9ff4c0d9f31bdb1_JaffaCakes118
Size

24KB
MD5

a30980a46911642cb9ff4c0d9f31bdb1
SHA1

4abac247a7feb1fb3e5f53ea868c6a35dbd5598e
SHA256

a518823097c5e05a743a1efa673562468eba6f9f3e1dd2750db9fe5767613123
SHA512

fa3bc61ae4a22dc145003de93ae4d71b72df4ccd1cca6fc55cfc523eda8289c9822342332ba52543ddb8234bfb8cedfde8df4757efbe7942cd100f047ebb7a7a
SSDEEP

384:lwQT4aInUwm8t7/2fZLKa7Y0p8sE2Wcu79D6C+i:lXT2Rm87/QZLbYP2WF8C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a30980a46911642cb9ff4c0d9f31bdb1_JaffaCakes118

Files

a30980a46911642cb9ff4c0d9f31bdb1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7a18d7db70b1400de0f7209b37d484c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
OpenProcess
Process32First
Process32Next
ReadFile
ReleaseMutex
Sleep
TerminateProcess
TerminateThread
GetWindowsDirectoryA
GlobalFree
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
GetTickCount
GetSystemDirectoryA
GetCurrentThreadId
WinExec
GlobalAlloc
CreateToolhelp32Snapshot
CreateThread
CreateMutexA
CreateFileA
CloseHandle
WaitForSingleObject

user32

wsprintfA

wsock32

recv
listen
gethostname
gethostbyname
connect
closesocket
bind
accept
__WSAFDIsSet
WSAStartup
socket
send
WSACleanup
select
inet_addr

ole32

CreateStreamOnHGlobal
CoInitialize

shlwapi

StrStrIA
StrToIntA
StrDupA
StrRChrA
StrTrimA

wininet

InternetCrackUrlA
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

advapi32

RegCreateKeyA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegDeleteKeyA
RegCloseKey

iphlpapi

GetNetworkParams

urlmon

URLDownloadToFileA

shell32

ShellExecuteA

msvcrt

strtok

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 658B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a18d7db70b1400de0f7209b37d484c0

Headers

File Characteristics

Imports

kernel32

user32

wsock32

ole32

shlwapi

wininet

advapi32

iphlpapi

urlmon

shell32

msvcrt

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 12KB

.reloc Size: 1024B - Virtual size: 658B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 12KB

.reloc
Size: 1024B - Virtual size: 658B