0f3c02381a2b564148f111a33ff8e11b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f3c02381a2b564148f111a33ff8e11b_JaffaCakes118
Size

247KB
MD5

0f3c02381a2b564148f111a33ff8e11b
SHA1

bfe58c72223d117eebde531f01e46c743e5963ef
SHA256

cf8d64abf1be279597d6d3c6827e96310af347131b79ef2d078111da45f0c6fc
SHA512

9618ed2d6bade9df0d9c7eb0059fb0caf3384397cd39ec0b878143cce32f4c99b5eec391728e56cd9395249e138694488852fffb149a3abff61714f5df274b8d
SSDEEP

6144:WliSq/lPSLMofnrkDu5J663GVZ4HON/qj:Wlnq18rkDUeZ4HONi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f3c02381a2b564148f111a33ff8e11b_JaffaCakes118

Files

0f3c02381a2b564148f111a33ff8e11b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

550f0e81bcc98449e64d8cb409d91b47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement

user32

MessageBoxA

thrixxx010267

ord1894
ord1835
ord131
ord1498
ord85
ord991
ord992
ord195
ord1891
ord1581
ord1823
ord138
ord103
ord1903
ord1865
ord1866
ord1901
ord864
ord133
ord686
ord631
ord583
ord268
ord989
ord990
ord1591

msvcp71

?_Nomemory@std@@YAXXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?flush@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z

msvcr71

__CppXcptFilter
_adjust_fdiv
_initterm
free
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_callnewh
malloc
_CIpow
exit
memmove
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException

Exports

Exports

CreateFaceGenModule

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qzobae6s
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8263h.9r
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lah0c8hn
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

550f0e81bcc98449e64d8cb409d91b47

Headers

File Characteristics

Imports

kernel32

user32

thrixxx010267

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 4KB

qzobae6s Size: 12KB - Virtual size: 12KB

8263h.9r Size: 137KB - Virtual size: 140KB

lah0c8hn Size: 8KB - Virtual size: 8KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 4KB

qzobae6s
Size: 12KB - Virtual size: 12KB

8263h.9r
Size: 137KB - Virtual size: 140KB

lah0c8hn
Size: 8KB - Virtual size: 8KB