bcd24af6d3c2a22cca76c2ede5021f08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bcd24af6d3c2a22cca76c2ede5021f08_JaffaCakes118
Size

30KB
MD5

bcd24af6d3c2a22cca76c2ede5021f08
SHA1

1929218c1626fbb26203d51f02a01d2a6fc4b2f0
SHA256

397f51c12a3936dcbd60af9021cfb789c0a752ed736a4418adc69d9afd9fd02e
SHA512

f1cd898b52adfffe6be1b73968a0eab295d6b41c2a4d31a761fe1fba6f1d3c84612b36596fd6c21fbba999d5a00b50a485cb72d142d18ff6156e8e9835810562
SSDEEP

768:f91DMytlNu7LJiDFAKBdcFk4w0fhgMEC4Gy:f9RMy34MuY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcd24af6d3c2a22cca76c2ede5021f08_JaffaCakes118

Files

bcd24af6d3c2a22cca76c2ede5021f08_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ec57ec39fe2f1b1a46d6d3f56d20ed13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadPriority
GetPrivateProfileStringA
GetModuleHandleA
ReadProcessMemory
SetUnhandledExceptionFilter
SetThreadContext
OpenThread
GetProcAddress
ReadFile
CreateFileA
Thread32Next
GetThreadPriority
Thread32First
CreateToolhelp32Snapshot
WideCharToMultiByte
MultiByteToWideChar
TerminateProcess
CreateProcessA
GetModuleFileNameA
VirtualAlloc
LoadLibraryA
ExitProcess
WaitForSingleObject
GetCurrentThreadId
GetCurrentProcess
GetCurrentThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualProtect
SetFilePointer
WriteFile
DeleteFileA
VirtualProtectEx
WriteProcessMemory
CloseHandle
GetCurrentProcessId
CreateMutexA
GetLastError
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCommandLineA
IsBadReadPtr
TerminateThread
GetSystemDirectoryA
CreateThread

user32

GetWindowThreadProcessId
GetWindowTextA
GetForegroundWindow
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
FindWindowA

wininet

InternetCloseHandle
InternetReadFile

msvcrt

??3@YAXPAX@Z
_strcmpi
_strlwr
_stricmp
wcslen
strcmp
fopen
fread
fclose
strstr
??2@YAPAXI@Z
memcpy
strrchr
memset
strcat
sprintf
strcpy
strlen
atoi
_strupr
strncpy
strchr

Exports

Exports

rrr
sss

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec57ec39fe2f1b1a46d6d3f56d20ed13

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 14KB

sdt Size: 512B - Virtual size: 4B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 14KB

sdt
Size: 512B - Virtual size: 4B

.reloc
Size: 3KB - Virtual size: 2KB