45b7325deefff5de877f549acaf15725_JaffaCakes118

General

Target

45b7325deefff5de877f549acaf15725_JaffaCakes118
Size

46KB
MD5

45b7325deefff5de877f549acaf15725
SHA1

6ccd37900a2db94c8660dbde1b4f7dd7057abe9e
SHA256

a7de8f2c273556ae53b88d6e32e57fc86a6ba633547466c07f30e1a74e448a40
SHA512

b45664a919f7d0a3edc29254fed483cf77f7c482ba8a0dc89fdf152422c944e725a03461103eed2fb95ad8de3ced241329e022b25394fd34477c56b4efaf8c30
SSDEEP

768:ji+dq3DOucBecayo11HfSOnIpYQA/mmZpW5ei+dq3DOucBecayo1j:jiSq36uSHaNqdtOZIMiSq36uSHaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b7325deefff5de877f549acaf15725_JaffaCakes118

Files

45b7325deefff5de877f549acaf15725_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a7c817fd0e66cbcf4e173470d5558321

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
HeapAlloc
GetProcessHeap
GetProcAddress
VirtualAlloc
FreeLibrary
VirtualFree
CreateFileA
Sleep
GetModuleHandleA
SetFilePointer
GetCurrentThreadId
IsBadReadPtr
TerminateProcess
OpenProcess
WritePrivateProfileStringA
GetWindowsDirectoryA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
ReadFile
GetFileSize
GetCurrentProcess
CloseHandle

user32

FindWindowA
CallNextHookEx
SetWindowsHookExA
GetKeyboardState
ToAscii
GetWindowThreadProcessId
AttachThreadInput
GetFocus
wsprintfA
GetWindow
UnhookWindowsHookEx

wininet

DeleteUrlCacheEntry
InternetCloseHandle

msvcrt

_ltoa
tolower
strlen
strrchr
strstr
_strcmpi
sprintf
strcpy
_except_handler3
memcpy
free
strncpy
memset
malloc

urlmon

URLDownloadToFileA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shread
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7c817fd0e66cbcf4e173470d5558321

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

urlmon

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

shread Size: 512B - Virtual size: 4B

.reloc Size: 1024B - Virtual size: 960B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

shread
Size: 512B - Virtual size: 4B

.reloc
Size: 1024B - Virtual size: 960B