a8a3fb774102d2c609057bdbb6b847d2_JaffaCakes118

General

Target

a8a3fb774102d2c609057bdbb6b847d2_JaffaCakes118
Size

29KB
MD5

a8a3fb774102d2c609057bdbb6b847d2
SHA1

b369541e687b791394cb3cb687a62f6245b9ade5
SHA256

41f37c6acdbe2b3000532161ad1a025c18274a5886fb172223cf3e806d0edec4
SHA512

29bb659f2c51f2a817a5c679b08f15d9b7f1c60c01aa47c4f87e244d4333161b96644be4c39b5adce77a4737dbdc1c400f7ac08c55cbed8bf8a751b4d0c7d419
SSDEEP

768:zF1XoulC5+JSOQpKs0RwnyF45zuYI0H7xQrcu19ZRJg:hCutJSO6KNyyFOzbNCcKZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8a3fb774102d2c609057bdbb6b847d2_JaffaCakes118

Files

a8a3fb774102d2c609057bdbb6b847d2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c1836e7e43d6b555ed06e169dfa50e6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
CreateEventA
GetFileAttributesA
ReadFile
lstrcatA
MultiByteToWideChar
GetProcAddress
GlobalFree
GetModuleHandleA
OpenEventW
CloseHandle
GetTempPathA
lstrcpyA
GetProcessHeap
GetTickCount
HeapFree
HeapAlloc
lstrcpynA
GetSystemDefaultLCID
GetUserDefaultLCID
lstrlenA
LoadLibraryA
GetModuleFileNameA
GetSystemTimeAsFileTime
SetFilePointer
lstrcmpA
CreateFileA
WriteFile
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
InterlockedExchange
HeapReAlloc
RtlUnwind
GetStringTypeA
GetLastError
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
GetLocaleInfoA
WideCharToMultiByte
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess

user32

MessageBoxA
CallWindowProcA
EnableWindow
SetWindowTextA
IsWindowVisible
DestroyWindow
GetWindowRect
IsChild
GetFocus
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
wsprintfW
SetWindowLongA
SetDlgItemTextA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
IsWindow
CreateWindowExW

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

wininet

HttpOpenRequestA
InternetSetFilePointer
InternetOpenA
InternetConnectA
InternetCloseHandle

Exports

Exports

check
copy
run

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1836e7e43d6b555ed06e169dfa50e6a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB