ce2cc199352e5bbf3cc16b76cf3b7a0c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce2cc199352e5bbf3cc16b76cf3b7a0c_JaffaCakes118
Size

18KB
MD5

ce2cc199352e5bbf3cc16b76cf3b7a0c
SHA1

066c1e55dc16be6731acedac5996f58b80a1fa6c
SHA256

61669eea495ba34e09502b918d2c0a152e08fba4543bb838ece151e47d317cc2
SHA512

4a1a83a576157e07d662aa2807a631e37c762d18956206bc5c650e80cf69109af51727f2f2655b889d7f213224a2a48dc1103cc8a03c2928b803664326e615c3
SSDEEP

384:soWVTX7Mr2V7gNFzYPKByAUIR2vErVR2CrKuBYMW/oBsjJTz82eY:soWVvUYPZhIR2vsz2CrI1TOY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce2cc199352e5bbf3cc16b76cf3b7a0c_JaffaCakes118

Files

ce2cc199352e5bbf3cc16b76cf3b7a0c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9554f9453a60195b6257e2027ef0177f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetClassNameA
CharLowerA
wsprintfA

kernel32

CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateNamedPipeA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetTempPathA
GetTickCount
ConnectNamedPipe
HeapFree
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
OpenProcess
RtlZeroMemory
ord5
UnmapViewOfFile
VirtualAlloc
VirtualProtectEx
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA
CloseHandle
HeapAlloc
Sleep
CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateNamedPipeA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetTempPathA
GetTickCount
ConnectNamedPipe
HeapFree
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
OpenProcess
RtlZeroMemory
ord5
UnmapViewOfFile
VirtualAlloc
VirtualProtectEx
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA
CloseHandle
HeapAlloc
Sleep

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyA

wininet

InternetOpenA
InternetQueryDataAvailable
InternetReadFile
HttpOpenRequestA
InternetConnectA

ws2_32

WSAStartup
WSACleanup
connect
gethostbyname
recv
send
socket
closesocket

ole32

CoTaskMemFree

Exports

Exports

tcpwrk

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9554f9453a60195b6257e2027ef0177f

Headers

File Characteristics

Imports

user32

kernel32

advapi32

wininet

ws2_32

ole32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 144KB

.rsrc Size: 512B - Virtual size: 384B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 144KB

.rsrc
Size: 512B - Virtual size: 384B

.reloc
Size: 1KB - Virtual size: 1KB