1b433ccca766e5e4d4f64dbe351a3fb3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b433ccca766e5e4d4f64dbe351a3fb3_JaffaCakes118
Size

179KB
MD5

1b433ccca766e5e4d4f64dbe351a3fb3
SHA1

a040abc5be6cde011881a56018db415ac5079e7c
SHA256

dabdf2840904820b7c4a915ff5a01b50fb3f6d78cf04ed316411589bef1a9257
SHA512

39a4d355f602e6a34473492e3855ab6ead36c78e0037b8342fd46e4998e790b61f87d85cb4d1fdfa3accc1a2b81efe25c100639f83b5fe570af13af7d3d3452f
SSDEEP

3072:v7c5mLmrdrGJ4PFnAKbiBODzSwzlH4D/vr6AJW3MBFZC2/VlLnGK8bpEPNnPkN8S:DGmLmR6WPFnAKbiBODzSwzlH4bPflLnQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b433ccca766e5e4d4f64dbe351a3fb3_JaffaCakes118

Files

1b433ccca766e5e4d4f64dbe351a3fb3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5e4abc64e141cb3fd586acf7faec6584

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

nzbleecher

_ZN11CNzbLeecher10enginenameEi
_ZN11CNzbLeecher10selectDataER11tRecordData
_ZN11CNzbLeecher11clearFolderEPcS0_
_ZN11CNzbLeecher13resetDatabaseEv
_ZN11CNzbLeecher6searchEPcS0_S0_
_ZN11CNzbLeecher8downloadEPcS0_S0_S0_c
_ZN11CNzbLeecher9updateAgeEb
_ZN11CNzbLeecherC1EPcP19MNzbLeecherObserver
_ZN11CNzbLeecherD1Ev

advapi32

RegQueryValueA
RegSetValueA

comctl32

InitCommonControls
InitCommonControlsEx

gdi32

DeleteObject
GetStockObject
GetTextExtentPoint32A
SetBkMode
SetTextColor

kernel32

AddAtomA
CloseHandle
CreateSemaphoreA
CreateThread
FindAtomA
GetAtomNameA
GetEnvironmentVariableA
GetExitCodeThread
GetLastError
GetModuleFileNameA
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetLastError
SetThreadPriority
Sleep
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

msvcrt

_write
__dllonexit
_access
_assert
_errno
_iob
abort
fclose
fflush
fgets
fopen
fprintf
free
malloc
memchr
memcpy
memmove
memset
sprintf
sscanf
strchr
strcmp
strcpy
strlen
strncpy
strrchr
strstr

ole32

OleInitialize
OleUninitialize

shell32

DragQueryFileA
ShellExecuteA

user32

CreateDialogParamA
CreateWindowExA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EndDialog
GetActiveWindow
GetClientRect
GetCursorPos
GetDlgItem
GetDlgItemTextA
GetKeyState
GetMenu
GetMessageA
GetParent
GetSubMenu
GetSysColor
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
InvalidateRect
IsDialogMessageA
IsWindowVisible
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadImageA
MoveWindow
PostQuitMessage
PtInRect
SendMessageA
SetCursor
SetFocus
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage

Exports

Exports

_Z7runloopiPPcS0_

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e4abc64e141cb3fd586acf7faec6584

Headers

File Characteristics

Imports

nzbleecher

advapi32

comctl32

gdi32

kernel32

msvcrt

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.data Size: 512B - Virtual size: 272B

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 16KB

.edata Size: 512B - Virtual size: 85B

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 67KB - Virtual size: 66KB

.data
Size: 512B - Virtual size: 272B

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 16KB

.edata
Size: 512B - Virtual size: 85B

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 3KB - Virtual size: 2KB