0a2b93e25b7b7ac59ab1a702d01a6c41_JaffaCakes118

General

Target

0a2b93e25b7b7ac59ab1a702d01a6c41_JaffaCakes118
Size

68KB
MD5

0a2b93e25b7b7ac59ab1a702d01a6c41
SHA1

81953c300f9c33c31888764f87abea635a2bde9c
SHA256

a2780b394989c5be1db72d3662982265e3f9c65a4e5022f7916678890c61238f
SHA512

dd73cb5a0e89ac6c32f369aaf64bbaf68d62b0e8319411c9b7eecc7aa4122f5f2aa18ca1a8f0a6b03fc11583219dc2bdf39dadbb812c97a3e473f2493ae499f8
SSDEEP

768:o8X7o5/1S4tro1wW5z304ochPnKr61U44rnGJyr3vXDNr1gtMCPmyhiIHpwWolZq:wHXW0IPnK6UzrnGINpUhhHpwDM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a2b93e25b7b7ac59ab1a702d01a6c41_JaffaCakes118

Files

0a2b93e25b7b7ac59ab1a702d01a6c41_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1b6dbb1f6678b0716a719e20127a2a00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueueUserWorkItem
VirtualAlloc
ExitProcess
GetConsoleInputExeNameA
FreeEnvironmentStringsA
TerminateThread
GetCommandLineW
GetModuleFileNameA
_lclose
GetStdHandle
LZCopy
GetEnvironmentVariableA
WriteConsoleInputA
GetModuleFileNameA
SleepEx
EndUpdateResourceA
GetDiskFreeSpaceA
lstrcpy
GetConsoleTitleA
UnlockFileEx
GetOverlappedResult
SetConsoleIcon
OpenEventA
_hread
GetCommandLineA
Thread32First
WaitForMultipleObjects
GetNumberFormatA

wininet

HttpOpenRequestA
HttpAddRequestHeadersA
InternetConnectA
InternetReadFile
HttpQueryInfoA
InternetOpenW
HttpSendRequestA

user32

GetWindowTextA
RegisterSystemThread
GetKeyNameTextA
RegisterServicesProcess
SetClipboardData
GetClassNameA
AdjustWindowRectEx
PrintWindow
CreateMDIWindowA
GetDlgItemTextA
MenuItemFromPoint
UpdateLayeredWindow
EndDialog
SetMenuItemInfoA
RegisterClipboardFormatA
GetSubMenu
BroadcastSystemMessageExA
GetCursorFrameInfo
CountClipboardFormats
CharLowerBuffA
TileWindows
GetKeyboardLayoutNameA
DestroyAcceleratorTable
InSendMessage
ClientToScreen

Exports

Exports

CloseAhckfnj
Neqtoacktew

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b6dbb1f6678b0716a719e20127a2a00

Headers

File Characteristics

Imports

kernel32

wininet

user32

Exports

Exports

Sections

.itext Size: - Virtual size: 3KB

.text Size: 56KB - Virtual size: 184KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.itext
Size: - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 184KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB