af9ad75c5a28930f6c35b424df0861fe_JaffaCakes118

General

Target

af9ad75c5a28930f6c35b424df0861fe_JaffaCakes118
Size

15KB
MD5

af9ad75c5a28930f6c35b424df0861fe
SHA1

f7af702e409fd408cd83e66582aa4d282b131825
SHA256

d868b772ff2a7892c0b52f8d953624d6c10161127eeff75ed2e6a3628e442182
SHA512

072ee8910b1de12451b4c3b83e70e9603bacfb5b32509b0cfdc81e0e0ccded90aaf1e453c95fd4257c6632d442323995e43e2bf194aa1da82171460b890d614d
SSDEEP

192:JCWPreCuZ4Wf8rfU1r/HYWZLrg3ZI6U+qZ44+Hw1GtV4z//6iwy1tv:lJuMs1r/3LraI6URWwGtV4r6ijnv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af9ad75c5a28930f6c35b424df0861fe_JaffaCakes118

Files

af9ad75c5a28930f6c35b424df0861fe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

180fa674e53b90e8040d276113e60945

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
CreateRemoteThread
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
GetFileSize
GetCommandLineA
VirtualProtectEx
ReadProcessMemory
GetCurrentProcess
CreateEventA
SetThreadPriority
VirtualAlloc
VirtualFree
ExitProcess
Thread32Next
TerminateThread
GetThreadPriority
Thread32First
GetCurrentProcessId
GetPrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalFree
GetModuleFileNameA
ReadFile
CreateThread

user32

UnhookWindowsHookEx
wsprintfA
GetMessageA
PostThreadMessageA
SetWindowsHookExA
CallNextHookEx
GetInputState

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 938B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

180fa674e53b90e8040d276113e60945

Headers

File Characteristics

Imports

kernel32

user32

wininet

advapi32

Sections

.text Size: 13KB - Virtual size: 12KB

sdata Size: 512B - Virtual size: 512B

.reloc Size: 1024B - Virtual size: 938B

.text
Size: 13KB - Virtual size: 12KB

sdata
Size: 512B - Virtual size: 512B

.reloc
Size: 1024B - Virtual size: 938B