ada1629fb7d88514be4fcbe15cd0b47a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ada1629fb7d88514be4fcbe15cd0b47a_JaffaCakes118
Size

205KB
MD5

ada1629fb7d88514be4fcbe15cd0b47a
SHA1

ae2bb9e22c00a03db6a6d3179d81f4caf1bad307
SHA256

59745b94e380a81494c49a10f1fdf0c622fd81f45d1c48a74bf522b0af9fb4ac
SHA512

1946df6613562c55eb9561e8776daea50c289f561b83ea61950dc7089db3d3ec9e6b1babf458e95971e0e07daeac516baf4947905bcaadbae44832f2be47845f
SSDEEP

768:N9TohmjvXehU2mcWQCPozTJjjw+C2nw6WFqfBeiZxWpWq:/oAjveJCPozTNj9oXFqf5Zw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ada1629fb7d88514be4fcbe15cd0b47a_JaffaCakes118

Files

ada1629fb7d88514be4fcbe15cd0b47a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5e4a29b64ba38dde46025d6f33f0da14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreatePipe
CreateProcessA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFullPathNameA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
CreateNamedPipeA
GetSystemDirectoryA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
CreateFileMappingA
LoadLibraryA
LocalAlloc
LocalFree
LockFile
MapViewOfFile
MultiByteToWideChar
OpenProcess
ReadFile
RtlZeroMemory
SetFilePointer
Sleep
TerminateProcess
TerminateThread
VirtualAlloc
VirtualProtectEx
WaitForSingleObject
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateFileA
CreateEventA
CreateDirectoryA
ConnectNamedPipe
CloseHandle
IsBadCodePtr
GetSystemDefaultLangID
UnmapViewOfFile
CreatePipe
CreateProcessA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFullPathNameA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
CreateNamedPipeA
GetSystemDirectoryA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
CreateFileMappingA
LoadLibraryA
LocalAlloc
LocalFree
LockFile
MapViewOfFile
MultiByteToWideChar
OpenProcess
ReadFile
RtlZeroMemory
SetFilePointer
Sleep
TerminateProcess
TerminateThread
VirtualAlloc
VirtualProtectEx
WaitForSingleObject
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateFileA
CreateEventA
CreateDirectoryA
ConnectNamedPipe
CloseHandle
IsBadCodePtr
GetSystemDefaultLangID
UnmapViewOfFile

advapi32

RegDeleteKeyA
RegCreateKeyA
RegCloseKey
OpenSCManagerA
CreateServiceA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
StartServiceA

gdi32

BitBlt
CreateCompatibleDC
CreateDCA
SelectObject
GetDeviceCaps
GetDIBColorTable
DeleteObject
DeleteDC
CreateDIBSection

ole32

CreateStreamOnHGlobal
CoTaskMemFree

shell32

ShellExecuteA

user32

ToAscii
SetWindowsHookExA
SetWindowTextA
SendMessageA
GetWindowTextA
GetKeyboardState
GetKeyNameTextA
GetForegroundWindow
GetFocus
GetDlgItemTextA
GetClassNameA
EnumChildWindows
CharLowerA
CallNextHookEx
wsprintfA

wininet

HttpSendRequestA
InternetConnectA
InternetGetConnectedState
InternetOpenA
HttpOpenRequestA
InternetReadFile
InternetQueryDataAvailable

ws2_32

Exports

Exports

gatwxkey

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e4a29b64ba38dde46025d6f33f0da14

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

ole32

shell32

user32

wininet

ws2_32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 200KB

.rsrc Size: 1024B - Virtual size: 4KB

.avc Size: 4KB - Virtual size: 4KB

.text
Size: 200KB - Virtual size: 200KB

.rsrc
Size: 1024B - Virtual size: 4KB

.avc
Size: 4KB - Virtual size: 4KB