faa7ea520837bf38e3c1d89b50e6215e_JaffaCakes118

General

Target

faa7ea520837bf38e3c1d89b50e6215e_JaffaCakes118
Size

43KB
MD5

faa7ea520837bf38e3c1d89b50e6215e
SHA1

c85f10902185542691aa607b1b90d919941bc6ae
SHA256

d966fa7eb672a2b8ba42517aa261d8d310b8eafbb5bff2fee05d3ddd03339bf2
SHA512

464184ef674e7a3f06f503d712157c19ec0f785a1bfe194cfbbdf7218b254a34de5562928a067dd78cda461a10a717a211c8ae657b28ce049a196fe5fd440b73
SSDEEP

768:byox1bnIxfCFxdU3AH8IdYXdu7WOY3sftsZk8uaUluktyaGlCq8W:NHbIxKzFHxmXdCWdC8AuQytCpW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa7ea520837bf38e3c1d89b50e6215e_JaffaCakes118

Files

faa7ea520837bf38e3c1d89b50e6215e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f58bfd945c5f2b565d0093e2d101e951

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenUrlA
InternetCrackUrlA
InternetOpenA
InternetConnectA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA

user32

SetWindowLongA
GetWindowLongA
GetWindowThreadProcessId
GetWindowTextA
EnumWindows
GetParent
CallWindowProcA
EnumChildWindows
SetWindowTextA
MessageBoxA
wsprintfA

ws2_32

send
connect
socket
htons
inet_addr
closesocket
recv
select
inet_ntoa

msvcrt

sscanf
??3@YAXPAX@Z
??2@YAPAXI@Z
isalpha
free
_initterm
malloc
_adjust_fdiv
memcpy
memset
memcmp
isalnum

kernel32

RtlZeroMemory
GetExitCodeThread
TerminateThread
GetCurrentDirectoryA
GetCurrentProcessId
IsBadReadPtr
GetPrivateProfileStringA
lstrlenW
WideCharToMultiByte
GetCurrentProcess
VirtualQueryEx
VirtualProtectEx
ReadProcessMemory
WriteProcessMemory
lstrcpynA
Sleep
ExitProcess
lstrcpyA
lstrcatA
lstrcmpA
lstrcmpiA
GetModuleFileNameA
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
GlobalFree
GetCommandLineA
GetLastError
lstrlenA
GetModuleHandleA
CreateThread
CloseHandle
LoadLibraryA
GetProcAddress

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f58bfd945c5f2b565d0093e2d101e951

Headers

File Characteristics

Imports

wininet

user32

ws2_32

msvcrt

kernel32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 24KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 24KB

.reloc
Size: 4KB - Virtual size: 4KB