2a6bf91f21ffc89b4e04663705ac351a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a6bf91f21ffc89b4e04663705ac351a_JaffaCakes118
Size

168KB
MD5

2a6bf91f21ffc89b4e04663705ac351a
SHA1

bc63a6d1ee6ebf7f289bbcaa84f01d90660d7f5c
SHA256

9291ff821d8ff457d51843de735c86d077bdd05140d826b637a9628e22fba9c9
SHA512

78e36b8b8dd8f9cbb0b2a7b6292e93f870eacdf0fa1ea2ea0d43d9e3b70e9de508e4a67f8cb5c306ca7fed31b2c6a318c526cff86caf4b51b998a20254f1cf52
SSDEEP

3072:GCqOhkMUJnOnAOdiuAnwFv+oeLKkXfVmRt86p:pqMUuXdiuA2vhM/PVmRt5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a6bf91f21ffc89b4e04663705ac351a_JaffaCakes118

Files

2a6bf91f21ffc89b4e04663705ac351a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2502ee273e5b1fc65b4cd04f3765c974

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\Xeb\DVDNavExt\DVDNavExt\Release\DVDNavExt.pdb

Imports

rpcrt4

UuidToStringW
RpcStringFreeW
UuidFromStringW

kernel32

WideCharToMultiByte
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
lstrlenW
lstrcpyA
GetModuleHandleA
GetModuleFileNameA
lstrcpynA
IsDBCSLeadByte
LeaveCriticalSection
EnterCriticalSection
CloseHandle
WaitForSingleObject
Sleep
CreateThread
CreateEventA
lstrcatA
GetCurrentThreadId
SetEvent
FreeLibrary
SizeofResource
MultiByteToWideChar
FindResourceA
LoadLibraryExA
GetCommandLineA
OutputDebugStringA
GetPrivateProfileStringW
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
ExitProcess
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
LoadResource

user32

CharNextA
TranslateMessage
DispatchMessageA
GetMessageA
PostThreadMessageA
CharUpperA

advapi32

RegDeleteValueA
RegQueryValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA

shell32

SHGetFileInfoA

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VariantClear
SysAllocStringByteLen
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
SysStringLen
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString

shlwapi

PathFindExtensionA
PathFindExtensionW

msvcr71

__p__fmode
__set_app_type
_controlfp
_wcsrev
memset
__security_error_handler
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
rand
wcsstr
strncmp
printf
calloc
abort
srand
sprintf
_ftime
_iob
fprintf
strncpy
wcsncpy
_resetstkoflw
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
_onexit
__dllonexit
?terminate@@YAXXZ
_mbschr
malloc
free
_CxxThrowException
_except_handler3
??_U@YAPAXI@Z
__CxxFrameHandler
??_V@YAXPAX@Z
_purecall
??1type_info@@UAE@XZ

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2502ee273e5b1fc65b4cd04f3765c974

Headers

File Characteristics

PDB Paths

Imports

rpcrt4

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcr71

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 864B

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 864B

.rsrc
Size: 44KB - Virtual size: 44KB