353f9a16d5d23ed30e4f38d0b31e7945_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

353f9a16d5d23ed30e4f38d0b31e7945_JaffaCakes118
Size

164KB
MD5

353f9a16d5d23ed30e4f38d0b31e7945
SHA1

84dbd014acf6740dfd1280a3909c03659d811373
SHA256

e4a3ab687a774ea006b5448477809ca808fbc66f190bef8026830b4208e36b62
SHA512

60f0735a0d1f709ff22e44d444f728b3c6e378b31781fe597cc75c15be94b07eb67a7cc1ad16c492894ca14135ef5a4fec5c7bf1a824126a9be75f8e5d19a6bc
SSDEEP

3072:mZQEfm3r+FW9U1EPgZ5su6DzAg0FuG9lN:mZQB3r+FW9U1EIrsuuzAOGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
353f9a16d5d23ed30e4f38d0b31e7945_JaffaCakes118

Files

353f9a16d5d23ed30e4f38d0b31e7945_JaffaCakes118
.dll windows:4 windows x86 arch:x86

491800ae036d164e82453929a5f81e52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projs\Libraries\Public\Fann\FannActive\Fann\MicrosoftWindowsDll\DLL Release\fanndoubleMT.pdb

Imports

kernel32

GetTickCount
HeapFree
HeapAlloc
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ExitProcess
TerminateProcess
GetCurrentProcess
ReadFile
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
SetFilePointer
FlushFileBuffers
MultiByteToWideChar
VirtualProtect
GetSystemInfo
CreateFileA
SetStdHandle
RaiseException
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize
SetEndOfFile

Exports

Exports

_fann_cascadetrain_on_data@20
_fann_cascadetrain_on_file@20
_fann_clear_scaling_params@4
_fann_create_from_file@4
_fann_create_shortcut_array@8
_fann_create_sparse_array@12
_fann_create_standard_array@8
_fann_create_train_from_callback@16
_fann_descale_input@8
_fann_descale_output@8
_fann_descale_train@8
_fann_destroy@4
_fann_destroy_train@4
_fann_duplicate_train_data@4
_fann_get_MSE@4
_fann_get_activation_function@12
_fann_get_activation_steepness@12
_fann_get_bias_array@8
_fann_get_bit_fail@4
_fann_get_bit_fail_limit@4
_fann_get_callback@4
_fann_get_cascade_activation_functions@4
_fann_get_cascade_activation_functions_count@4
_fann_get_cascade_activation_steepnesses@4
_fann_get_cascade_activation_steepnesses_count@4
_fann_get_cascade_candidate_change_fraction@4
_fann_get_cascade_candidate_limit@4
_fann_get_cascade_candidate_stagnation_epochs@4
_fann_get_cascade_max_cand_epochs@4
_fann_get_cascade_max_out_epochs@4
_fann_get_cascade_num_candidate_groups@4
_fann_get_cascade_num_candidates@4
_fann_get_cascade_output_change_fraction@4
_fann_get_cascade_output_stagnation_epochs@4
_fann_get_cascade_weight_multiplier@4
_fann_get_connection_array@8
_fann_get_connection_rate@4
_fann_get_errno@4
_fann_get_errstr@4
_fann_get_layer@8
_fann_get_layer_array@8
_fann_get_learning_momentum@4
_fann_get_learning_rate@4
_fann_get_network_type@4
_fann_get_neuron@12
_fann_get_neuron_layer@12
_fann_get_num_input@4
_fann_get_num_layers@4
_fann_get_num_output@4
_fann_get_quickprop_decay@4
_fann_get_quickprop_mu@4
_fann_get_rprop_decrease_factor@4
_fann_get_rprop_delta_max@4
_fann_get_rprop_delta_min@4
_fann_get_rprop_delta_zero@4
_fann_get_rprop_increase_factor@4
_fann_get_total_connections@4
_fann_get_total_neurons@4
_fann_get_train_error_function@4
_fann_get_train_stop_function@4
_fann_get_training_algorithm@4
_fann_get_user_data@4
_fann_init_weights@8
_fann_length_train_data@4
_fann_merge_train_data@8
_fann_num_input_train_data@4
_fann_num_output_train_data@4
_fann_print_connections@4
_fann_print_error@4
_fann_print_parameters@4
_fann_randomize_weights@20
_fann_read_train_from_file@4
_fann_reset_MSE@4
_fann_reset_errno@4
_fann_reset_errstr@4
_fann_run@8
_fann_save@8
_fann_save_to_fixed@8
_fann_save_train@8
_fann_save_train_to_fixed@12
_fann_scale_input@8
_fann_scale_input_train_data@20
_fann_scale_output@8
_fann_scale_output_train_data@20
_fann_scale_train@8
_fann_scale_train_data@20
_fann_set_activation_function@16
_fann_set_activation_function_hidden@8
_fann_set_activation_function_layer@12
_fann_set_activation_function_output@8
_fann_set_activation_steepness@20
_fann_set_activation_steepness_hidden@12
_fann_set_activation_steepness_layer@16
_fann_set_activation_steepness_output@12
_fann_set_bit_fail_limit@12
_fann_set_callback@8
_fann_set_cascade_activation_functions@12
_fann_set_cascade_activation_steepnesses@12
_fann_set_cascade_candidate_change_fraction@8
_fann_set_cascade_candidate_limit@12
_fann_set_cascade_candidate_stagnation_epochs@8
_fann_set_cascade_max_cand_epochs@8
_fann_set_cascade_max_out_epochs@8
_fann_set_cascade_num_candidate_groups@8
_fann_set_cascade_output_change_fraction@8
_fann_set_cascade_output_stagnation_epochs@8
_fann_set_cascade_weight_multiplier@12
_fann_set_error_log@8
_fann_set_input_scaling_params@16
_fann_set_learning_momentum@8
_fann_set_learning_rate@8
_fann_set_output_scaling_params@16
_fann_set_quickprop_decay@8
_fann_set_quickprop_mu@8
_fann_set_rprop_decrease_factor@8
_fann_set_rprop_delta_max@8
_fann_set_rprop_delta_min@8
_fann_set_rprop_delta_zero@8
_fann_set_rprop_increase_factor@8
_fann_set_scaling_params@24
_fann_set_train_error_function@8
_fann_set_train_stop_function@8
_fann_set_training_algorithm@8
_fann_set_user_data@8
_fann_set_weight@20
_fann_set_weight_array@12
_fann_shuffle_train_data@4
_fann_subset_train_data@12
_fann_test@12
_fann_test_data@8
_fann_train@12
_fann_train_epoch@8
_fann_train_on_data@20
_fann_train_on_file@20
fann_create_shortcut
fann_create_sparse
fann_create_standard

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

491800ae036d164e82453929a5f81e52

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 16KB - Virtual size: 20KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 16KB - Virtual size: 20KB

.reloc
Size: 8KB - Virtual size: 6KB