07c1b1206e7c54b03467ad2e8b2625f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

07c1b1206e7c54b03467ad2e8b2625f0_JaffaCakes118
Size

144KB
MD5

07c1b1206e7c54b03467ad2e8b2625f0
SHA1

05847fcb67438a175f41617a003c80f1d50df5b2
SHA256

07fd31feb01a535e310b46aa8c1a0daf57f7969b55b3604305334b55a3aadbd5
SHA512

4364f81c51b676ae5abbdb5f317e774d89005305856f2de428aef753fcf4b606e64008be53a5b9cbd6f2eaf52184a808ade39759fd5a401c2cca67012a75371e
SSDEEP

3072:XcufhI0zh5jBEeptpVobdT8tLDVrhwNl:8ihFBEc4b18LDVrhwN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c1b1206e7c54b03467ad2e8b2625f0_JaffaCakes118

Files

07c1b1206e7c54b03467ad2e8b2625f0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1757ed5e95527039c7207cf2c9e4411d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemInfo
GetModuleHandleA
ReleaseMutex
WaitForMultipleObjects
FreeConsole
CloseHandle
PeekNamedPipe
DisconnectNamedPipe
CreatePipe
GetStartupInfoA
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
GetLocalTime
SetFilePointer
LocalAlloc
UnmapViewOfFile
HeapAlloc
InitializeCriticalSection
WaitForSingleObject
GetCurrentProcess
lstrlenA
GetFileAttributesA
SetEvent
MoveFileA
ReadFile
RemoveDirectoryA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetDriveTypeA
CreateDirectoryA
GetLastError
GetVersionExA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetPrivateProfileSectionNamesA
lstrcpyA
DeleteCriticalSection
CreateEventA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
RaiseException
InterlockedExchange

advapi32

RegCreateKeyExA
GetTokenInformation
LookupAccountSidA
RegisterServiceCtrlHandlerA
SetServiceStatus
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
FreeSid
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LsaFreeMemory
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
LookupAccountNameA
IsValidSid

msvcrt

wcstombs
_beginthreadex
calloc
??1type_info@@UAE@XZ
realloc
_onexit
_initterm
_adjust_fdiv
strncat
__CxxFrameHandler
wcscpy
_errno
strncpy
strrchr
_except_handler3
free
malloc
strchr
_CxxThrowException
memmove
strstr
_ftol
__dllonexit
_strupr
_strnicmp
_strrev
_strnset
??3@YAXPAX@Z
??2@YAPAXI@Z
_strcmpi

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvfw32

ICClose
ICSendMessage
ICSeqCompressFrameEnd

Exports

Exports

ClassInfo
ClassName
CodeDLL
Fuck360
SchoolInfo
ServerDll
main

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Lgnger
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1757ed5e95527039c7207cf2c9e4411d

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

msvfw32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.Lgnger Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 3KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 96KB - Virtual size: 93KB

.Lgnger
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 3KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB