382db5d2228eddd5c05e30341d679032_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

382db5d2228eddd5c05e30341d679032_JaffaCakes118
Size

16KB
MD5

382db5d2228eddd5c05e30341d679032
SHA1

cfa0c7587b081a88b932d2317e1bc83a0f88e0b1
SHA256

dc6f2482247fced7a3f266c54723f861dafe6632e02c0fe7eae21601272bc58f
SHA512

c1e951cec5b8783857608e4557075131bb840c3e35e36f0ddd1db71b3130ef15d23f9fe02b331de97bc1129fe8d650320a03ca249a84c494528672b1c3e5c852
SSDEEP

192:WtS8i5cNeH/l8l60HLAwRYdURP/sxt6V1u1TwrUHV4BIKtx:GYfYqJdURPkU0FIUHV4Bhtx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
382db5d2228eddd5c05e30341d679032_JaffaCakes118

Files

382db5d2228eddd5c05e30341d679032_JaffaCakes118
.dll windows:1 windows x86 arch:x86

56f7fa0c17bf0ae9ebbbeeef41720b38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

ExitProcess
ExpandEnvironmentStringsA
GetEnvironmentStringsA
CloseHandle
MoveFileExA
OpenMutexA
CreateFileA
RtlUnwind
CreateMutexA
WinExec
WriteFile
lstrcatA
lstrcpyA
lstrlenA

user32

LoadIconA
SetTimer
KillTimer
RegisterClassA
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
PostQuitMessage
CreateWindowExA
DestroyWindow
SetWindowPos
DefWindowProcA

gdi32

GetStockObject

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

crtdll

_fdopen
_open_osfhandle
fclose
free
_cexit
malloc
printf
raise
setbuf
strcpy
strncpy

Exports

Exports

_LibMain@12
load

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 880B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 640B - Virtual size: 640B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56f7fa0c17bf0ae9ebbbeeef41720b38

Headers

File Characteristics

Imports

wininet

shell32

kernel32

user32

gdi32

advapi32

crtdll

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 880B

.rdata Size: 84B - Virtual size: 84B

.data Size: 5KB - Virtual size: 5KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 640B - Virtual size: 640B

.edata Size: 88B - Virtual size: 88B

.text
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 880B

.rdata
Size: 84B - Virtual size: 84B

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 640B - Virtual size: 640B

.edata
Size: 88B - Virtual size: 88B