fa0ae85af768c7e721c7f655514a6049_JaffaCakes118 | Triage

Sharing

General

Target

fa0ae85af768c7e721c7f655514a6049_JaffaCakes118
Size

19KB
MD5

fa0ae85af768c7e721c7f655514a6049
SHA1

afa8df3cb6fa856fc4edc170e2e06f66da13a842
SHA256

bdf3abf403a40a233fe5e869c7e95a01ac5323066477f5442f711752cc882833
SHA512

f4dc227e18e50cb37d62f7a6e87a85581bd22b7873b47a9932e652fc29a87139a5d1e2a3ef8b5e33718c69dd88ede6206d0e300bc45ea62252f7f507f02139aa
SSDEEP

384:t8BkITi93mbqXR4kI6BXs8jPY1yJpJgLa0MpLi+A:gkci9WCDXs8brgLa1M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0ae85af768c7e721c7f655514a6049_JaffaCakes118

Files

fa0ae85af768c7e721c7f655514a6049_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fcfa2502096423fd052b6943d8266757

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shell32

ord680

advapi32

RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegNotifyChangeKeyValue

user32

UnhookWindowsHookEx
SetWindowsHookExA
SetWindowTextA
GetParent
GetFocus
GetClassNameA
FindWindowA
EnumChildWindows
CharLowerBuffA
CallWindowProcA
CallNextHookEx
wsprintfA
GetWindowTextA

kernel32

FreeLibrary
GetModuleFileNameA
lstrcpynA
lstrlenA
lstrcpyA
lstrcmpA
lstrcatA
VirtualProtect
VirtualFree
VirtualAlloc
Sleep
RtlFillMemory
LoadLibraryA
ExitThread
GetVolumeInformationA
GetTempPathA
GetSystemInfo
GetProcAddress
CloseHandle
CreateThread
GetModuleHandleA

shlwapi

StrToIntA
StrStrA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 782B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ