0695d380c8ae1e68590a7b5b39041aa0_JaffaCakes118

General

Target

0695d380c8ae1e68590a7b5b39041aa0_JaffaCakes118
Size

32KB
MD5

0695d380c8ae1e68590a7b5b39041aa0
SHA1

f428d3d14a136fb4f9aaf37fa96e5ca2bd15cc16
SHA256

11e287e6fdb80ae32471bedca66baed6956449f9e9c5053e8d154a2240f692c3
SHA512

847cb1c873217340a8660de92b4d0f5d73aeed9032ba38fbf285ce57ee1afb8052ed98fd0bd7c8378a597ca5016d63959656963b044aeab7e6a1f60c2e1ee4be
SSDEEP

384:BsFA16CnhEAIhaWbGv8WN7mnUF0YM+DsPcn0ktVmb:Sa1FNIh/+8WNNF0YhDs01mb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0695d380c8ae1e68590a7b5b39041aa0_JaffaCakes118

Files

0695d380c8ae1e68590a7b5b39041aa0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

388ab9f12b75bbadf804c62c7f2944b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetPixel

advapi32

CreateServiceA
RegCreateKeyA
StartServiceA
OpenServiceA
CloseServiceHandle
OpenSCManagerA
RegSetValueExA

ws2_32

closesocket
recv
send
WSAGetLastError
connect
htons
socket
gethostbyname
WSAStartup

kernel32

WaitForMultipleObjects
ResetEvent
GetLastError
CreateFileA
WaitForSingleObject
DeviceIoControl
CloseHandle
SetLastError
VirtualProtect
FlushInstructionCache
GetCurrentProcess
GetProcAddress
LoadLibraryA
SetThreadPriority
GetCurrentThread
Sleep
CreateThread
GetModuleFileNameA
CreateEventA
GetSystemDirectoryA
GlobalFindAtomA
IsBadReadPtr
TerminateProcess
GlobalAddAtomA
ExitThread
SetEvent
OutputDebugStringA

user32

GetClientRect
GetDC
MessageBoxA
FindWindowA
GetWindowTextA
SetWindowsHookExA
CallNextHookEx

msvcrt

strcat
_stricmp
_adjust_fdiv
malloc
_initterm
free
strstr
strchr
memcpy
sprintf
strlen
fwrite
fopen
fread
atoi
fclose
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_EH_prolog
memset
_itoa
strcpy
strcmp
strrchr

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

388ab9f12b75bbadf804c62c7f2944b0

Headers

File Characteristics

Imports

gdi32

advapi32

ws2_32

kernel32

user32

msvcrt

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB