3420052e3eeec04d8a505215c1ebe034_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3420052e3eeec04d8a505215c1ebe034_JaffaCakes118
Size

640KB
MD5

3420052e3eeec04d8a505215c1ebe034
SHA1

795962f1945ea1f98f3ceb849551f48d31bd8016
SHA256

649eecb01aa8f0e439dd9966b2792dfbaf336905fd84dbcdd4f8a40a29ebb6d0
SHA512

4550d40b94db5004efa81de1ccb816ea9332aa6d402fb5e366ae7015c18b69782834e7a9731abbec0c470b68ab43e3a66fe1d8004ef8532418f06b42d43e6422
SSDEEP

12288:lZ0HdpDIm9OTacDA6iUAr2100qqwPozYrIbw0PIO3xKLfW0kYlz1p:lWOTHDE215nwPmy7dg+6Yh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3420052e3eeec04d8a505215c1ebe034_JaffaCakes118

Files

3420052e3eeec04d8a505215c1ebe034_JaffaCakes118
.exe windows:6 windows x64 arch:x64

a4aa7cb0d48a2cc1ce28715715fc7f70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\zhaoy\Developer\BitcoinHD\blagominer\x64\ReleaseAVX512\miner-v.1.170997-hpool20190114_AVX512.pdb

Imports

kernel32

SetConsoleScreenBufferSize
GetStdHandle
SetConsoleWindowInfo
FindNextFileA
InitializeCriticalSection
FindClose
GetCurrentDirectoryA
GetLargestConsoleWindowSize
QueryPerformanceFrequency
GetSystemInfo
HeapSetInformation
HeapAlloc
DeleteCriticalSection
GetProcessHeap
GetConsoleWindow
HeapFree
GetComputerNameA
CreateDirectoryW
GetLastError
GetLocalTime
ReadFile
CreateFileA
CloseHandle
SetFilePointerEx
HeapSize
Sleep
VirtualFree
VirtualAlloc
GetDiskFreeSpaceA
GetCurrentThread
SetThreadIdealProcessor
GetPhysicallyInstalledSystemMemory
FindFirstFileA
LeaveCriticalSection
QueryPerformanceCounter
EnterCriticalSection
WriteConsoleW
SetEndOfFile
CreateFileW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileSizeEx
GetConsoleCP
GetConsoleScreenBufferInfo
GetConsoleCursorInfo
GetFileType
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
GetVersion
GetTickCount
GetModuleHandleA
GetProcAddress
SetConsoleActiveScreenBuffer
GetConsoleMode
SetConsoleCtrlHandler
SetConsoleMode
CreateConsoleScreenBuffer
FlushConsoleInputBuffer
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
WriteConsoleOutputA
SetConsoleCursorPosition
WriteConsoleA
SetConsoleCursorInfo
WaitForSingleObjectEx
SwitchToThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateThread
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
WaitForSingleObject
RtlUnwindEx
RtlPcToFileHeader
RaiseException
ExitProcess
GetModuleHandleExW
ExitThread
WriteFile
GetCommandLineA
GetCommandLineW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
ReadConsoleW
FlushFileBuffers

user32

GetWindowRect
MapVirtualKeyA
GetKeyState
MoveWindow

ws2_32

setsockopt
WSAGetLastError
freeaddrinfo
bind
inet_ntop
recv
connect
socket
send
getaddrinfo
closesocket
WSAStartup
ioctlsocket
listen
accept
WSACleanup

Sections

.text
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4aa7cb0d48a2cc1ce28715715fc7f70

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ws2_32

Sections

.text Size: 329KB - Virtual size: 328KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 8KB - Virtual size: 35KB

.pdata Size: 13KB - Virtual size: 12KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 215KB - Virtual size: 214KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 329KB - Virtual size: 328KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 8KB - Virtual size: 35KB

.pdata
Size: 13KB - Virtual size: 12KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 215KB - Virtual size: 214KB

.reloc
Size: 3KB - Virtual size: 3KB