b9c88bc3b0eac550411abae482f89590_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b9c88bc3b0eac550411abae482f89590_JaffaCakes118
Size

105KB
MD5

b9c88bc3b0eac550411abae482f89590
SHA1

399266315874191bb814f07f3e87b3fe594650c9
SHA256

46311494a4febc33582470a73ccff461e1f333817cd58edcf5c26f5df5834ca3
SHA512

e5606dbe4ca645fe3beefe99161b9ea0a94777e8c366f60e0efab99613d252ffc032bdc011278a1312088c5972259dae34e5ac689ed391bf2656a332278dbbf5
SSDEEP

3072:SKhXVh2jYPLCiIGsNkRGzqR2Pa/HaG2fKv037NeVnilWI:ZT2j8LCLGs+RGWR2Pa/HaMvYlx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9c88bc3b0eac550411abae482f89590_JaffaCakes118

Files

b9c88bc3b0eac550411abae482f89590_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2faf730e13f132e1e3d503a895d3863b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
ReadFile
SetFileAttributesA
Sleep
SystemTimeToFileTime
UnmapViewOfFile
GetLastError
GetTimeFormatA
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrlenA
GetFileSize
GetSystemTime
VirtualFree
GetProcAddress
GetDateFormatA
FindNextFileA
FindFirstFileA
FindClose
ExitThread
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateMutexA
CreateFileMappingA
CreateFileA
VirtualAlloc
CloseHandle

user32

wsprintfA

ws2_32

closesocket
connect
gethostbyaddr
gethostbyname
inet_addr
recv
select
WSAStartup
WSACleanup
send
socket

advapi32

CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptGetHashParam
CryptHashData
CryptReleaseContext
RegCloseKey
RegCreateKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

wininet

FindNextUrlCacheEntryA
FindFirstUrlCacheEntryW
FindFirstUrlCacheEntryA
FindCloseUrlCache

ole32

CoTaskMemFree

dnsapi

DnsQuery_A
DnsRecordListFree

crypt32

CryptUnprotectData

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2faf730e13f132e1e3d503a895d3863b

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

wininet

ole32

dnsapi

crypt32

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 65KB - Virtual size: 64KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 65KB - Virtual size: 64KB

.reloc
Size: 2KB - Virtual size: 2KB