3073c72e554e7ef73236e4c42308aa32_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3073c72e554e7ef73236e4c42308aa32_JaffaCakes118
Size

118KB
MD5

3073c72e554e7ef73236e4c42308aa32
SHA1

0035b46db8e508b6c83dd96781cc905e1c298843
SHA256

c6f43574d34150ca076b2ba5646dddb82224b1f149ccbf85c36c5c05f92f39ce
SHA512

4d42524d597e12e3ddf0a64405f580b7df0e34b212dde1b62a0232d0fef94a757a8f44ab0a7c157dcbb6728547d1be46e230f52edf289a11289dd80f8ad29df9
SSDEEP

3072:cTcpf8spx6JAaNfXW3yRnjs0Ud8Gmdkixv4ndOf:ecWsfSfJ2fOxkixv4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3073c72e554e7ef73236e4c42308aa32_JaffaCakes118

Files

3073c72e554e7ef73236e4c42308aa32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

833ae25b3c1a6022142abad991c79bec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
ExitProcess
FreeResource
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
HeapAlloc
LoadResource
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
RemoveDirectoryA
RtlUnwind
SetEndOfFile
SetLastError
SetUnhandledExceptionFilter
lstrcmpA

user32

CopyRect
CreateAcceleratorTableA
CreateDialogIndirectParamA
MessageBoxA
ShowCursor
LoadBitmapA
GetWindowTextA
DestroyMenu
LoadCursorA

advapi32

RegQueryValueA
RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA
RegCloseKey

ole32

OleUninitialize
OleInitialize
GetConvertStg
CreateILockBytesOnHGlobal
CreateDataAdviseHolder
CoUninitialize
CoTaskMemRealloc
StringFromGUID2
ReleaseStgMedium
CoCreateInstance
CoGetClassObject
CoInitialize
CoRegisterClassObject
CoTaskMemAlloc
OleSetClipboard

wininet

InternetGetCookieA
InternetCrackUrlA
InternetQueryDataAvailable
InternetSetOptionExA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetGetLastResponseInfoA

shell32

SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
Shell_NotifyIconA
SHGetDesktopFolder
SHBindToParent

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

833ae25b3c1a6022142abad991c79bec

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

shell32

Sections

.text Size: 7KB - Virtual size: 8KB

.rdata Size: 20KB - Virtual size: 24KB

.data Size: 81KB - Virtual size: 84KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 7KB - Virtual size: 8KB

.rdata
Size: 20KB - Virtual size: 24KB

.data
Size: 81KB - Virtual size: 84KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB