ec0702ddebf32fef040667e58123e234_JaffaCakes118

General

Target

ec0702ddebf32fef040667e58123e234_JaffaCakes118
Size

14KB
MD5

ec0702ddebf32fef040667e58123e234
SHA1

d00ed89e93414807d9edc3e9a0d2d83db33c741f
SHA256

f4e73f7fc79f7180f230905b402efdfa5aa6973376639aca4219646d05d67a74
SHA512

bafb7d19536293086b8cf6bacbe108c5753057e9f838d824b5a387f9962c46a75a9fc4a85447bea55848ba829dcdb7965cb496d3807966d3741365e522f4e007
SSDEEP

192:TrPKj1HEq45ePNhS1CbunyFQoPfo65XbUkRUNKwBbnmOffid:XM94YhS1qQoI65X3RW1mOfa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec0702ddebf32fef040667e58123e234_JaffaCakes118

Files

ec0702ddebf32fef040667e58123e234_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ad5a61978e20e1999a78797409fa6fd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
CreateRemoteThread
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
ExitProcess
ReadFile
GetModuleFileNameA
ReadProcessMemory
GetCurrentProcess
CreateEventA
SetThreadPriority
CreateThread
Thread32Next
TerminateThread
Thread32First
GetThreadPriority
GetCurrentProcessId
GlobalFree
GlobalLock
GlobalAlloc
GetComputerNameA
GetPrivateProfileStringA
VirtualProtectEx
VirtualFree
GetFileSize
VirtualAlloc

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad5a61978e20e1999a78797409fa6fd0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 11KB - Virtual size: 11KB

sdata Size: 512B - Virtual size: 512B

.reloc Size: 1024B - Virtual size: 808B

.text
Size: 11KB - Virtual size: 11KB

sdata
Size: 512B - Virtual size: 512B

.reloc
Size: 1024B - Virtual size: 808B