bdbd0e90abbb73ae7461900d82bb9985_JaffaCakes118

General

Target

bdbd0e90abbb73ae7461900d82bb9985_JaffaCakes118
Size

14KB
MD5

bdbd0e90abbb73ae7461900d82bb9985
SHA1

4f6a6d5bbc795c1d3175a674cc07cb919f0cc872
SHA256

beea570b4ba7a7ae5489a3ba94e0d8d06cc91a2b9afa87f7569dee77c858bb8e
SHA512

d91d38fb716bc866bd2bd0565fba3215d89baed2fd0d03c221d822508aa5956d65a7e01cec3d284adfd9f59fceb599ac579216749373b6d37d2c92f1e85e01ea
SSDEEP

192:3jLJFYYL562XtI46VpcqbQZJDyi2WxqQdmPAKEF8vz1Y:3jVFYYztI4UpcqbnMx0jEFW5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdbd0e90abbb73ae7461900d82bb9985_JaffaCakes118

Files

bdbd0e90abbb73ae7461900d82bb9985_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2e13765b89d993502e1fca64c20b5da8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
Sleep
GetFileSize
ReadFile
GetModuleFileNameA
VirtualProtectEx
ReadProcessMemory
GlobalFree
OpenProcess
GlobalAlloc
GetCurrentProcessId
CreateThread
GetCurrentProcess
CreateEventA
SetThreadPriority
OutputDebugStringA
CopyFileA
GetCurrentThread
GlobalUnlock
GetComputerNameA
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
VirtualFree
GlobalLock
VirtualAlloc

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
GetWindowTextA
GetDC
GetCursor
GetDesktopWindow
GetWindowThreadProcessId
FindWindowA
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

gdi32

GetBkMode
GetBkColor

advapi32

RegCreateKeyExA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e13765b89d993502e1fca64c20b5da8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

Sections

.text Size: 11KB - Virtual size: 11KB

sdata Size: 512B - Virtual size: 260B

.reloc Size: 1024B - Virtual size: 792B

.text
Size: 11KB - Virtual size: 11KB

sdata
Size: 512B - Virtual size: 260B

.reloc
Size: 1024B - Virtual size: 792B