d083ac59cb5da72cbd711ef0caf88548_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d083ac59cb5da72cbd711ef0caf88548_JaffaCakes118
Size

14KB
MD5

d083ac59cb5da72cbd711ef0caf88548
SHA1

f1340b1498fd7cc204d291ba0a121a674c4ee348
SHA256

3169c8bc1b824a6b2b0c1214c74b1af6f88f1fa93a3c8a8f217f252413071105
SHA512

3e396d5152c7a3b0bb920a03fbc942558375cf344961ccfbc5c67a65d9bcace3524214fda6dc325e7483e4708a5f728c3284da5c736fc524e9a67ec3d7393d6b
SSDEEP

192:PfJR6QpjpSDp1oRhpCIs01weEcelOfqd7pW+kLv7uHBSsLV8a:PfJRb9SDpihpHcOfqd7s+kLxa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d083ac59cb5da72cbd711ef0caf88548_JaffaCakes118

Files

d083ac59cb5da72cbd711ef0caf88548_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d68ecc03ae1741ff99936f6fdecf488b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

inet_addr
gethostbyname
closesocket
WSACleanup
WSAStartup
ioctlsocket
htons
socket
connect
recv
send

user32

CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ShowWindow
SetFocus
SetForegroundWindow
VkKeyScanA
wsprintfA
BlockInput
keybd_event

advapi32

EnumServicesStatusA
CloseServiceHandle
OpenProcessToken
ImpersonateLoggedOnUser
OpenSCManagerA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
SysAllocString
VariantClear
SysFreeString

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
free
strtok
fopen
fwrite
fclose
malloc
time
strncpy
strstr
sprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
rand
srand

kernel32

CreateThread
CreateProcessA
LoadLibraryA
GetProcAddress
lstrcpyA
lstrlenA
lstrcmpA
lstrcpynA
ExitProcess
CloseHandle
OpenProcess
lstrcmpiA
GetLocaleInfoA
Sleep
GetTickCount
InterlockedDecrement
GetWindowsDirectoryA
GlobalAlloc
CreateMutexA
DisableThreadLibraryCalls
MultiByteToWideChar
GetLastError
GlobalLock
GlobalUnlock

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d68ecc03ae1741ff99936f6fdecf488b

Headers

File Characteristics

Imports

wsock32

user32

advapi32

wininet

ole32

oleaut32

psapi

msvcrt

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 804B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 804B