1419ba471361f414bac5a8a70643e7dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1419ba471361f414bac5a8a70643e7dd_JaffaCakes118
Size

51KB
MD5

1419ba471361f414bac5a8a70643e7dd
SHA1

0e1a2e1c150fd376dc2f162daaf6eaf4940e73b1
SHA256

b5be4495a0a9a6917a6b8a601cb54f591408eb5f3721225068845d0db2785f54
SHA512

df1a5b23c44771a3e9bdfb657da03899012666de281f8e59d3590917856bf6ef1868e9c042576be27ab112fd8ab173c8acc043c0c62e611cbbc1dab691402279
SSDEEP

1536:Qv2DL9jJpMzVI/q9UehFY/4WcZD5Y29qYAwiK:QvujzMzVI/q9UKFY/4WcZDiuqYAwiK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1419ba471361f414bac5a8a70643e7dd_JaffaCakes118

Files

1419ba471361f414bac5a8a70643e7dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1202991063d9e98a0957bc4b8cd6b574

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

accept
select
listen
WSACleanup
WSAStartup
gethostbyname
socket
htons
connect
ioctlsocket
recv
send
bind
__WSAFDIsSet
closesocket

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState
InternetCheckConnectionA

dnsapi

DnsQuery_A

kernel32

WideCharToMultiByte
GetProcessHeap
CloseHandle
WriteFile
lstrcpyA
lstrlenA
SetFilePointer
CreateFileA
lstrcatA
GetSystemDirectoryA
GetSystemTime
GetLastError
GetCurrentProcess
GetVersionExA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
SetCurrentDirectoryA
GlobalUnlock
GlobalLock
GlobalAlloc
ReadFile
PeekNamedPipe
Sleep
TerminateThread
GetExitCodeProcess
CreateProcessA
GetEnvironmentVariableA
GetStartupInfoA
CreatePipe
CreateThread
lstrcmpA
SetThreadPriority
GetFileSize
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetLogicalDriveStringsA
lstrcmpiA
GetTempPathA
GetComputerNameA
GetTickCount
LoadLibraryA
GetModuleHandleA
CreateMutexA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
ExitProcess
FreeLibrary
GetProcAddress
GetLocalTime
GetWindowsDirectoryA
MoveFileA
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
FileTimeToSystemTime
SystemTimeToFileTime
HeapFree
HeapAlloc
HeapReAlloc

user32

ExitWindowsEx
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
GetWindowTextA
GetForegroundWindow
GetAsyncKeyState
MapVirtualKeyA
ToAsciiEx
wsprintfA
GetKeyNameTextA
CallNextHookEx
DispatchMessageA
TranslateMessage
GetMessageA
UnhookWindowsHookEx
SetWindowsHookExA
GetKeyboardState
IsCharAlphaNumericA
GetSystemMetrics
ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetKeyboardLayout

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
DeleteDC
DeleteObject

advapi32

OpenProcessToken
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyExA
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Exports

Exports

?KeyEvent@@YGJHIJ@Z
?MouseEvent@@YGJHIJ@Z

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1202991063d9e98a0957bc4b8cd6b574

Headers

File Characteristics

Imports

ws2_32

wininet

dnsapi

kernel32

user32

gdi32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 15KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 15KB

.reloc
Size: 3KB - Virtual size: 2KB