ea2c6155bc1cc4c1d039b9d7fa97730c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea2c6155bc1cc4c1d039b9d7fa97730c_JaffaCakes118
Size

207KB
MD5

ea2c6155bc1cc4c1d039b9d7fa97730c
SHA1

de3a4521081e7328ad99f40772d158fe9ff32568
SHA256

4c18edc94d976e4811eba21c228ae6770b7604306e30a5934e71b4fee94ec39a
SHA512

76aaa7338cd530136b41646cb4160076a7c40bd0f35b84f0abc160d58d468d3a22e1eadf145d8aff02a8c0fa032b540d64375aa9362bef18e39d151469a264dc
SSDEEP

768:b52Ef/wwtUIc47aiQziSSNKJoY7aGR7alMWPORbWpWq3ga:kEXhrctziSkKWY7p7oMWPORW3ga

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea2c6155bc1cc4c1d039b9d7fa97730c_JaffaCakes118

Files

ea2c6155bc1cc4c1d039b9d7fa97730c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5e4a29b64ba38dde46025d6f33f0da14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreatePipe
CreateProcessA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFullPathNameA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
CreateNamedPipeA
GetSystemDirectoryA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
CreateFileMappingA
LoadLibraryA
LocalAlloc
LocalFree
LockFile
MapViewOfFile
MultiByteToWideChar
OpenProcess
ReadFile
RtlZeroMemory
SetFilePointer
Sleep
TerminateProcess
TerminateThread
VirtualAlloc
VirtualProtectEx
WaitForSingleObject
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateFileA
CreateEventA
CreateDirectoryA
ConnectNamedPipe
CloseHandle
IsBadCodePtr
GetSystemDefaultLangID
UnmapViewOfFile
CreatePipe
CreateProcessA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFullPathNameA
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
CreateNamedPipeA
GetSystemDirectoryA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
CreateFileMappingA
LoadLibraryA
LocalAlloc
LocalFree
LockFile
MapViewOfFile
MultiByteToWideChar
OpenProcess
ReadFile
RtlZeroMemory
SetFilePointer
Sleep
TerminateProcess
TerminateThread
VirtualAlloc
VirtualProtectEx
WaitForSingleObject
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CreateFileA
CreateEventA
CreateDirectoryA
ConnectNamedPipe
CloseHandle
IsBadCodePtr
GetSystemDefaultLangID
UnmapViewOfFile

advapi32

RegDeleteKeyA
RegCreateKeyA
RegCloseKey
OpenSCManagerA
CreateServiceA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
StartServiceA

gdi32

BitBlt
CreateCompatibleDC
CreateDCA
SelectObject
GetDeviceCaps
GetDIBColorTable
DeleteObject
DeleteDC
CreateDIBSection

ole32

CreateStreamOnHGlobal
CoTaskMemFree

shell32

ShellExecuteA

user32

ToAscii
SetWindowsHookExA
SetWindowTextA
SendMessageA
GetWindowTextA
GetKeyboardState
GetKeyNameTextA
GetForegroundWindow
GetFocus
GetDlgItemTextA
GetClassNameA
EnumChildWindows
CharLowerA
CallNextHookEx
wsprintfA

wininet

HttpSendRequestA
InternetConnectA
InternetGetConnectedState
InternetOpenA
HttpOpenRequestA
InternetReadFile
InternetQueryDataAvailable

ws2_32

Exports

Exports

scsiusr4

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e4a29b64ba38dde46025d6f33f0da14

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

ole32

shell32

user32

wininet

ws2_32

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 200KB

.rsrc Size: 1024B - Virtual size: 4KB

.avc Size: 4KB - Virtual size: 4KB

.text
Size: 200KB - Virtual size: 200KB

.rsrc
Size: 1024B - Virtual size: 4KB

.avc
Size: 4KB - Virtual size: 4KB