bebcc9e6545d7baae13c095b31451e2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bebcc9e6545d7baae13c095b31451e2d_JaffaCakes118
Size

31KB
MD5

bebcc9e6545d7baae13c095b31451e2d
SHA1

4bc722a9b0492a50bd86a1341f02c74c0d773db7
SHA256

11cd541511cc793e7416655cda1e100d0a70fb043dfe7f6664564b91733431d0
SHA512

167666a4b76f005d99037084545d6fae33817e0d4b489e5fcaf887d9cc4de131a180ddcde7edaa6b8418bf2a28c97585091b3153b927e82c05bda88f0ea4d586
SSDEEP

384:+MrdqPCHizw636SpE71d1xAHvQXyMAp79v5uWNqnTfqdWYRlamtA4k2h:+MkR8d1dv9XYpxvPqnLqYaJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bebcc9e6545d7baae13c095b31451e2d_JaffaCakes118

Files

bebcc9e6545d7baae13c095b31451e2d_JaffaCakes118
.dll windows:6 windows x86 arch:x86

9adb35cc02cc99bca4e0c46cf5de3fc9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CryptBinaryToStringA
CryptStringToBinaryA

gdiplus

GdipSaveImageToStream
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetImageEncodersSize

iphlpapi

GetAdaptersAddresses

wininet

InternetSetOptionA
InternetQueryOptionA
InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA

ws2_32

gethostname
WSAStartup
WSACleanup
gethostbyname

kernel32

VirtualAlloc
GetPrivateProfileStringW
VirtualFree
DisableThreadLibraryCalls
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
VerifyVersionInfoW
lstrlenW
GetVersionExA
GetSystemInfo
GetCurrentProcess
GetVolumeInformationW
VerSetConditionMask
GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
LoadLibraryW
CloseHandle
Sleep
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
WaitForSingleObject
GetExitCodeProcess
CreateThread
CreateRemoteThread
GetExitCodeThread
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
IsWow64Process
GetLastError
CreateMutexA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
GetProcAddress
LoadLibraryA
CreateDirectoryW
CreateFileW
DeleteFileW
GetFileSize
ReadFile
WriteFile
SetLastError
FreeLibrary

user32

wsprintfW
TranslateMessage
DispatchMessageA
wsprintfA
GetSystemMetrics
GetMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9adb35cc02cc99bca4e0c46cf5de3fc9

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

gdiplus

iphlpapi

wininet

ws2_32

kernel32

user32

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: - Virtual size: 240B

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 1024B - Virtual size: 900B

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 240B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 1024B - Virtual size: 900B