b3945d9c54f46448b1ff8e6bb2da1476_JaffaCakes118

General

Target

b3945d9c54f46448b1ff8e6bb2da1476_JaffaCakes118
Size

32KB
MD5

b3945d9c54f46448b1ff8e6bb2da1476
SHA1

90d42b164087e9bb4501065d7dd46102644a6e73
SHA256

1524b826ecbfe901697ad1b59f2d501f7cba4e2fcc9348bf22f5e87f05d97710
SHA512

3f423d8044e976445fa7af5e834015117db665342bbf9d5b41d181c044eeb884e0f48eb0695eaf6c6590f496492b105715d15696e78274fa089aff4323bc6bb1
SSDEEP

384:wVV/uMFCfgab6BZ6T2cQrWtJ+I5JT328Wi:qV/uMFCYabU6TJ+I5Jqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3945d9c54f46448b1ff8e6bb2da1476_JaffaCakes118

Files

b3945d9c54f46448b1ff8e6bb2da1476_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2974a1cbfd4cfefa42098e8b5183321b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

connect
ioctlsocket
recv
socket
closesocket
htons
gethostbyname

kernel32

IsBadStringPtrA
Sleep
GetVersionExA
GetProcAddress
GetWindowsDirectoryA
CreateThread
LoadLibraryA
IsBadReadPtr
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
GetSystemDefaultLCID
GetSystemInfo
GetLastError
VirtualAlloc
MapViewOfFile
CreateFileMappingA
CreateFileA
OpenFileMappingA
WinExec
GetModuleFileNameA
ReleaseMutex
GetCurrentProcessId
OpenProcess
CloseHandle
CreateMutexA

user32

CallNextHookEx

wininet

InternetCrackUrlA

msvcrt

calloc
atoi
ftell
fgets
fclose
_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
free
??3@YAXPAX@Z
_strdup
realloc
sprintf
fopen
??2@YAPAXI@Z
__CxxFrameHandler
fseek

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2974a1cbfd4cfefa42098e8b5183321b

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 68KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 68KB

.reloc
Size: 4KB - Virtual size: 1KB