ec05f661a7e9524098e3febee109a291_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ec05f661a7e9524098e3febee109a291_JaffaCakes118
Size

50KB
MD5

ec05f661a7e9524098e3febee109a291
SHA1

36db9eb67f8c4f462a3f79953c6f0a51bef14ac9
SHA256

51a03b51d1ae24d23417754055705c19320f7ea1ce171bb28bd73b8c9e47b9db
SHA512

395a53d49fb9f6c35a740bbb0385037648d5c2d9b2f5a2605fd9a06dcffb89ef1fb9edac075b77973e8ffa183f85fb1bf5b0802a36c82f4ba92a6d88de429ae6
SSDEEP

1536:L4XIGM+8/Bklrd6RrejN9Sn3If6WaJFeep6bN:atXOQjN9S3ISWaDp6bN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec05f661a7e9524098e3febee109a291_JaffaCakes118

Files

ec05f661a7e9524098e3febee109a291_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
DeleteUrlCacheEntryA
HttpQueryInfoA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpSendRequestW
InternetSetOptionW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
InternetOpenW
InternetConnectW
DeleteUrlCacheEntryW

ntdll

_chkstk
strncpy
memcpy
memset

gdiplus

GdipGetImagePalette
GdipCloneImage
GdipDrawImageI
GdipFree
GdipGetImageGraphicsContext
GdiplusStartup
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits

kernel32

CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetExitCodeThread
lstrcpynA
lstrcatA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
MoveFileExW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedExchange
CreateFileMappingW
MapViewOfFile
lstrcmpiA
FreeLibrary
UnmapViewOfFile
lstrcmpW
Sleep
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
LockResource
ExpandEnvironmentStringsW
CreateFileW
WriteFile
CreateThread
GetModuleFileNameW
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTempFileNameW
CopyFileW
LocalAlloc
LocalFree
CreateDirectoryW
GetStartupInfoW
GetFileSize
DeleteFileW
ReadFile
SetFilePointer
lstrlenW
GetModuleFileNameA
GetModuleHandleExW
WaitForSingleObject
GetCurrentThreadId
CreateEventW
LoadLibraryW
lstrcatW
lstrcpyA
GetTickCount
lstrlenA
SetEvent
lstrcpyW
WriteProcessMemory
VirtualProtect
GetLocalTime

user32

ToAscii
GetKeyboardState
GetWindowTextW
SetWindowsHookExA
PostThreadMessageW
GetMessageW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx
wsprintfW
wsprintfA
IsCharAlphaNumericW
GetClassNameW

gdi32

GetStockObject
CreateDIBSection
SetDIBColorTable
GetPixel
SelectObject
GetObjectW
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyExW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal

Exports

Exports

AetModuleFileNameExA
AetModuleFileNameExW
GetStockObject

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3d56de34c7577cee9388bcfb03830b

Headers

DLL Characteristics

File Characteristics

Imports

wininet

ntdll

gdiplus

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB