1b7bcdcaefcf0a25782a040e764e95cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b7bcdcaefcf0a25782a040e764e95cb_JaffaCakes118
Size

140KB
MD5

1b7bcdcaefcf0a25782a040e764e95cb
SHA1

996e34745b32bb22d321a5288aaa0bf2d5eb29c9
SHA256

07226a46e341712c36fa05c80c526f78ecc0c1e306e241ecf759ac82f6c74d9d
SHA512

de0b97e8f27dd0b818e0891503ef6519c2595c290b44dc3d7727a1fc32ea479298ebc551b999d3237085497a42a497b2824b6f1fd7e06dcc05e3d34d0ee6cd59
SSDEEP

3072:KHqwSeBy25XtUqvFjp5lrYLNAgpP68/RoZTW:K2eaq9lrYxnpB/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7bcdcaefcf0a25782a040e764e95cb_JaffaCakes118

Files

1b7bcdcaefcf0a25782a040e764e95cb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c168394ae577bd0d1accbc02db81037b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW

mfc71u

ord3712
ord3713
ord3703
ord2638
ord3943
ord4475
ord4255
ord3327
ord757
ord1022
ord3629
ord3589
ord5489
ord3195
ord380
ord5223
ord4563
ord5563
ord629
ord667
ord759
ord384
ord432
ord570
ord2240
ord1051
ord265
ord293
ord577
ord4320
ord2009
ord1007
ord5096
ord566
ord2527
ord3990
ord774
ord4100
ord2261
ord1118
ord896
ord5524
ord291
ord776
ord4101
ord283
ord870
ord2311
ord2697
ord777
ord5398
ord2460
ord1093
ord1170
ord314
ord1200
ord1079
ord1087
ord1162
ord581
ord1199
ord1197
ord1033
ord315
ord765
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord3824
ord5562
ord5209
ord5226
ord4562
ord3942
ord2239
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord3800
ord5579
ord2054
ord6274
ord3795
ord6272
ord4008
ord4032
ord266
ord762
ord3677
ord764
ord1168
ord1192
ord1115
ord371
ord280
ord287

msvcr71

__security_error_handler
??1type_info@@UAE@XZ
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
_CxxThrowException
__dllonexit
?terminate@@YAXXZ
_except_handler3
memset
malloc
free
wcscat
atoi
wcscmp
wcscpy
_purecall
swprintf
__CxxFrameHandler
strncpy
_wtoi
wcstombs
wcslen

kernel32

LocalAlloc
LocalFree
WriteFile
ReadFile
CreateFileW
DeviceIoControl
CloseHandle
Sleep
GetExitCodeThread
SuspendThread
InterlockedDecrement
TerminateThread
ResumeThread
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
QueryPerformanceCounter
GetLastError
GetCurrentThreadId
GetTickCount

user32

SendMessageW
PostMessageW
RegisterDeviceNotificationW
MessageBoxW
PostThreadMessageW

ole32

CoCreateInstance
CoUninitialize
CoInitialize
OleRun

oleaut32

VariantClear
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo

Exports

Exports

APInitialize
APUninitialize
GetDownloadFilesInfo
InitUSBConnection
StartAPDownloading

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c168394ae577bd0d1accbc02db81037b

Headers

File Characteristics

Imports

setupapi

mfc71u

msvcr71

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 5.9MB

.reloc Size: 76KB - Virtual size: 72KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 5.9MB

.reloc
Size: 76KB - Virtual size: 72KB