24df9ad1fb4eb91b7e9d02e51740653b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24df9ad1fb4eb91b7e9d02e51740653b_JaffaCakes118
Size

33KB
MD5

24df9ad1fb4eb91b7e9d02e51740653b
SHA1

5a5f5a27243edc74b6cf47e629e912e59ac42184
SHA256

17eaeaedd69db1bc04550d774fc7ba7033bec82f6604b9e42bc065387e72cae2
SHA512

9d70abc65620eb18ff2379e31e7ce1126b9b520d0c68643c87747c715c4c128c2c9d8adfe36796b1e62641ff572508198e93c9ab40bd424a129ae35545a0a055
SSDEEP

768:42ABVOo9L/WDEUu4/rg+d/tQ4C/8wnQq9bmQ8:bAVOo9L/WDEUu4zgCdC/1mQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24df9ad1fb4eb91b7e9d02e51740653b_JaffaCakes118

Files

24df9ad1fb4eb91b7e9d02e51740653b_JaffaCakes118
.dll windows:6 windows x86 arch:x86

96fc1015f8fa8b299d1085cb5e8ad1dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

odbc32

ODBCInternalConnectW
ord206
ord208
ord141
ord273
SearchStatusCode

mpr

MultinetGetConnectionPerformanceW
WNetCancelConnection2A
WNetConnectionDialog1A
WNetGetNetworkInformationA
WNetGetProviderNameA
WNetGetResourceParentA
WNetGetUniversalNameA
WNetUseConnectionA

wsock32

ord1141
ord1142
ord1130
ord1117
listen
recvfrom

urlmon

CoInternetCreateZoneManager
CreateAsyncBindCtx
CreateURLMoniker
FindMediaTypeClass
IsLoggingEnabledA
URLDownloadW

rtm

MgmDeInitialize
MgmGetMfe
MgmGetNextMfe
MgmRegisterMProtocol
MgmReleaseInterfaceOwnership
MgmTakeInterfaceOwnership
RtmGetRouteAge
RtmLookupIPDestination

mscms

CreateColorTransformA
DisassociateColorProfileFromDeviceA
EnumColorProfilesA
GetPS2ColorSpaceArray
IsColorProfileTagPresent
UninstallColorProfileW
UnregisterCMMA

wsnmp32

ord102
ord106
ord104
ord904
ord320

resutils

ResUtilFreeParameterBlock
ResUtilGetAllProperties
ResUtilGetDwordValue
ResUtilGetResourceDependency
ResUtilGetSzProperty
ResUtilSetExpandSzValue
ResUtilSetPropertyTable

kernel32

CloseHandle
CompareFileTime
CreateFileMappingW
CreateFileW
DeleteFileW
EnumSystemCodePagesW
FileTimeToSystemTime
GetFileSize
GetLastError
GetLocalTime
GetVersion
GetWindowsDirectoryW
MapViewOfFile
SearchPathW
SetFilePointer
Sleep
SystemTimeToFileTime
UnmapViewOfFile
WriteFile
lstrcatW
lstrcpyW
lstrlenW

ole32

CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysFreeString

msvcrt

_adjust_fdiv
_initterm
free
malloc
memcpy
memmove
memset
wcschr

Exports

Exports

xsfnq

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96fc1015f8fa8b299d1085cb5e8ad1dc

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

mpr

wsock32

urlmon

rtm

mscms

wsnmp32

resutils

kernel32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 424B

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 424B

.reloc
Size: 1024B - Virtual size: 840B