d6aba1f4a810516adab51f6804b54fa7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6aba1f4a810516adab51f6804b54fa7_JaffaCakes118
Size

13KB
MD5

d6aba1f4a810516adab51f6804b54fa7
SHA1

f749cbe3c3e546fe38229c680280139dace7573d
SHA256

c0bdf2565212211c5003134248ca98ccc5ffe9ec352151f26d897ad3be89562a
SHA512

697b218c9a2686b7a529f055e2d47871cf86013bd216ab6e9b0b6f4cad9ca7956db79662750855eb41469dc0b3ba95098baaaaf138ba5ca92a95bd5f26f416ee
SSDEEP

192:SPc2oTifLao13qT8y/ntlFdpYeHTMt78RWBjLtITflknjR:QBoTIao13evDTMt7iWBjmLlI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6aba1f4a810516adab51f6804b54fa7_JaffaCakes118

Files

d6aba1f4a810516adab51f6804b54fa7_JaffaCakes118
.dll windows:1 windows x86 arch:x86

504976139335075fa6a85c9020192c3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

shell32

ShellExecuteA

kernel32

ExitProcess
GetEnvironmentStringsA
CloseHandle
GetSystemDirectoryA
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
CopyFileA
OpenMutexA
RtlUnwind
CreateMutexA
DeleteFileA

user32

SetTimer
KillTimer
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
CreateWindowExA
DestroyWindow
DefWindowProcA

gdi32

GetStockObject

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

crtdll

_fdopen
_open_osfhandle
atoi
exit
fclose
feof
fgets
fopen
fputs
fwrite
_cexit
malloc
printf
raise
setbuf
sprintf
strcat
strcpy
strncmp
strncpy

Exports

Exports

LibMain
_LibMain@12
load

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 728B - Virtual size: 728B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 112B - Virtual size: 112B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

504976139335075fa6a85c9020192c3b

Headers

File Characteristics

Imports

wininet

shell32

kernel32

user32

gdi32

advapi32

crtdll

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 6KB

.rdata Size: 84B - Virtual size: 84B

.data Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 728B - Virtual size: 728B

.edata Size: 112B - Virtual size: 112B

.text
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 6KB

.rdata
Size: 84B - Virtual size: 84B

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 728B - Virtual size: 728B

.edata
Size: 112B - Virtual size: 112B