171bf46e10d5a5da9ce95498bc0b496b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

171bf46e10d5a5da9ce95498bc0b496b_JaffaCakes118
Size

289KB
MD5

171bf46e10d5a5da9ce95498bc0b496b
SHA1

8e9c4fa6963af73c7e5377e4181648d98bc72ecd
SHA256

89547258748965e9b432a721d188133d37c406310d31be366a31eb6312355eb0
SHA512

e169a22dd0e2bbe04986740fb2dbd2b1c031a0f37c69a028f1e559a350891d0b29fbb6ac46f7fecd723b7e0d3babf3c8a26cf3a63ae676472984082a7f4a63ab
SSDEEP

6144:8Rc6pJtzzdVVHz3YWAfhd95TFmiHSaoi2yfDWzmV/FHRa:8Rc6pJZzdVVHcfhdPTFLvoixfyzmrR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
171bf46e10d5a5da9ce95498bc0b496b_JaffaCakes118

Files

171bf46e10d5a5da9ce95498bc0b496b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

304f281e66d13952031e8944e7e2c9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recv
send

mfc42

ord2405
ord755
ord2971
ord470
ord2379
ord1146
ord1168
ord3402
ord3711
ord6128
ord4299
ord2112
ord5148
ord3752
ord4694
ord2864
ord5440
ord6383
ord5450
ord6394
ord783
ord540
ord800
ord941
ord537
ord858
ord924
ord860
ord2086
ord6199
ord2818
ord1253
ord342
ord1182
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord641
ord324
ord2370
ord4234
ord6334
ord4710
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord2575
ord4396
ord3574
ord3719
ord793
ord609
ord616
ord656
ord2363
ord2301
ord2302
ord4224
ord2642
ord926
ord3317
ord665
ord1979
ord6385
ord5186
ord354
ord798
ord1997
ord6648
ord4129
ord2763
ord5465
ord5194
ord533
ord939
ord3610
ord2582
ord4402
ord3370
ord3640
ord693
ord3996
ord2764
ord6907
ord3286
ord6007
ord3998
ord5953
ord6663
ord692
ord6438
ord6880
ord3092
ord922
ord5710
ord5572
ord2915
ord4202
ord5442
ord3318
ord6779
ord535
ord5773
ord2289
ord6407
ord3803
ord4465
ord6646
ord2299
ord6111
ord5981
ord3874
ord2362
ord1771
ord6366
ord2413
ord2024
ord4219
ord1640
ord4401
ord3639
ord5951
ord4278
ord6874
ord3089
ord472
ord4133
ord4297
ord5788
ord2754
ord2567
ord2450
ord5875
ord1270
ord2513
ord293
ord3693
ord394
ord696
ord400
ord702
ord4191
ord915
ord5634
ord5628
ord3435
ord3441
ord4185
ord909
ord1949
ord3619
ord773
ord501
ord5600
ord3573
ord283
ord5789
ord2860
ord3259
ord4774
ord2452
ord1156
ord1126
ord826
ord4644
ord4217
ord2576
ord4397
ord3352
ord3577
ord4225
ord5263
ord4060
ord4123
ord3028
ord764
ord3797
ord824
ord6453
ord4204
ord2919
ord3754
ord3753
ord6403
ord3870
ord809
ord556
ord1088
ord2122
ord4160
ord6197
ord2714
ord5787
ord6358
ord3807
ord1176
ord4284
ord5053
ord1815
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6172
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord6021
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord2859
ord1641
ord823
ord5785
ord2753
ord6215
ord4275
ord2414
ord825
ord567
ord323
ord818
ord640
ord3626
ord3571
ord3663
ord3742
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord2581
ord3136
ord4407
ord1776
ord4078
ord6055
ord3095
ord2776

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
memmove
sprintf
isspace
isdigit
time
localtime
strftime
_purecall
_ftol
__CxxFrameHandler
_ultoa

kernel32

MulDiv
lstrcpyA
lstrcmpiA
GetCurrentThreadId
lstrcmpA
CreateDirectoryA
CreateFileA
_lcreat
Sleep
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetPrivateProfileStringA
DeleteCriticalSection
OpenFileMappingA
GetModuleHandleA
GetModuleFileNameA
MapViewOfFile
UnmapViewOfFile
VirtualProtect
InitializeCriticalSection
SetFilePointer
CloseHandle
OpenFile
ReadFile
GetVersion

user32

LoadIconA
IsWindow
GetDlgItem
UpdateWindow
GetWindowRect
GetSysColor
CreateCursor
GetSystemMetrics
DestroyCursor
InflateRect
InvalidateRect
ScreenToClient
ClientToScreen
DefWindowProcA
ReleaseCapture
PtInRect
ReleaseDC
GetWindowDC
WindowFromPoint
OffsetRect
EndPaint
DrawFocusRect
SetRect
BeginPaint
FillRect
ShowWindow
CreateWindowExA
SetCapture
RegisterClassA
UnregisterClassA
DestroyWindow
SetWindowTextA
GetWindowLongA
GetClassNameA
GetWindow
GetTopWindow
GetCursorPos
GetCapture
WindowFromDC
SetWindowLongA
CallWindowProcA
IsWindowEnabled
GetScrollInfo
SetRectEmpty
DrawIconEx
LoadBitmapA
DrawFrameControl
IsZoomed
EndDeferWindowPos
DeferWindowPos
EqualRect
BeginDeferWindowPos
SetParent
RedrawWindow
IntersectRect
IsRectEmpty
EnableScrollBar
TabbedTextOutA
DrawTextA
GrayStringA
PostMessageA
CallNextHookEx
GetActiveWindow
GetFocus
IsChild
GetWindowTextA
FindWindowExA
FindWindowA
SetFocus
GetForegroundWindow
IsWindowVisible
SetWindowPos
SetWindowsHookExA
UnhookWindowsHookEx
wsprintfA
EnableWindow
SetTimer
KillTimer
GetParent
SendMessageA
CopyRect
ShowScrollBar
CloseWindow
LoadCursorA
SetCursor
GetClientRect
GetDC

gdi32

SetBitmapBits
SetTextColor
GetMapMode
PtVisible
RectVisible
Escape
Polygon
GetObjectA
GetTextExtentPoint32A
GetCurrentObject
CreatePen
SetPixel
GetDeviceCaps
CreateFontIndirectA
DeleteObject
SelectObject
MoveToEx
LineTo
GetStockObject
Rectangle
SetBkColor
ExtTextOutA
GetPixel
SetBkMode
TextOutA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush

Exports

Exports

SetHook

Sections

.text
Size: 194KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

304f281e66d13952031e8944e7e2c9d7

Headers

File Characteristics

Imports

wsock32

mfc42

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 194KB - Virtual size: 196KB

.rdata Size: 32KB - Virtual size: 36KB

.data Size: 18KB - Virtual size: 44KB

.rsrc Size: 18KB - Virtual size: 20KB

.reloc Size: 20KB - Virtual size: 20KB

.aspack Size: 5KB - Virtual size: 8KB

.text
Size: 194KB - Virtual size: 196KB

.rdata
Size: 32KB - Virtual size: 36KB

.data
Size: 18KB - Virtual size: 44KB

.rsrc
Size: 18KB - Virtual size: 20KB

.reloc
Size: 20KB - Virtual size: 20KB

.aspack
Size: 5KB - Virtual size: 8KB