3650fdae367c025a0dc2acef39c38f0b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3650fdae367c025a0dc2acef39c38f0b_JaffaCakes118
Size

857KB
MD5

3650fdae367c025a0dc2acef39c38f0b
SHA1

116718702cb78ce27173b9e085ca1cbf55a88339
SHA256

588cfe0f532e79619c13f261b8e507e553376fd157fceb36d041c91576a5f70e
SHA512

978fd523b72d67ca3b276de35d46ca8f45fee2955bbaf63b5c173e31a0642f1ba9d58a3a7c0ca2943b7f8d72feab41a39c8857f8b512b2cf92a21a495eaed28f
SSDEEP

12288:kTVRCz815gtrC8RL658V/OTHj+uhv6+4B96DmODWd8KuPYG+n8sWhpMchL937ve7:kTyg15urC8RL658V/KHZLZdCeb2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3650fdae367c025a0dc2acef39c38f0b_JaffaCakes118

Files

3650fdae367c025a0dc2acef39c38f0b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fdfa736a1a8c62f89e6b47fdb8812188

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\bwa\QuickTimeWin-1292\srcroot\BuildResults\NoSym\QuickTimeStreaming.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wsock32

WSAStartup
gethostname
connect
bind
WSACancelAsyncRequest
WSAAsyncGetHostByAddr
WSAAsyncGetHostByName
WSAAsyncSelect
send
recv
select
__WSAFDIsSet
sendto
recvfrom
htonl
htons
getsockname
ntohs
shutdown
inet_ntoa
getsockopt
setsockopt
gethostbyname
WSAGetLastError
ntohl
ioctlsocket
socket
closesocket
getpeername
WSACleanup

ws2_32

WSAIoctl

wininet

InternetQueryOptionA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA
InternetSetStatusCallback
InternetOpenA
InternetSetOptionA
InternetErrorDlg
InternetGetConnectedState
InternetReadFileExA

kernel32

FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetModuleFileNameA
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
OutputDebugStringA
SetEvent
GetCurrentThreadId
GetCurrentThread
ResumeThread
CreateEventA
GetLastError
GetVersionExA
GetTickCount
SleepEx
GlobalAlloc
GlobalFree
MulDiv
DeleteFileA
GetTempFileNameA
GetTempPathA
SetEndOfFile
SetFilePointer
WriteFile
CreateFileA
GetDiskFreeSpaceA
ReadFile
FreeLibrary
LocalFree
CreateDirectoryA
WriteConsoleA
GetProcAddress
LoadLibraryA
lstrcpynA
GetCurrentProcessId
GetModuleHandleA
LoadLibraryExA
GetSystemDirectoryA
GetFileAttributesA
GetUserDefaultLCID
GetLocaleInfoA
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
Sleep
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcessHeap
GetCommandLineA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
CreateThread
ExitThread
FindNextFileA
GetOverlappedResult
ResetEvent
GetFileSize
RemoveDirectoryA
FindFirstFileA
FindClose
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
HeapSize
RaiseException
ExitProcess
LocalAlloc
DeleteCriticalSection
IsValidCodePage
GetOEMCP
GetACP

user32

DialogBoxParamA
PostMessageA
EndDialog
GetDlgItem
GetWindowTextA
SetWindowTextA
SetFocus
wsprintfA
CreateWindowExA
RegisterClassA
UnregisterClassA
PeekMessageA
TranslateMessage
MessageBoxA
SetTimer
KillTimer
DestroyWindow
SendMessageA
GetMessageA
DispatchMessageA
GetWindowLongA
DefWindowProcA
GetDesktopWindow
SetWindowLongA

gdi32

GetStockObject

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyA
RegDeleteKeyA
FreeSid
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

ole32

CoCreateGuid

Exports

Exports

AMRRssm_ComponentDispatch
AuthComponentDispatch
BaseRcvConductor_ComponentDispatch
BaseStream_ComponentDispatch
CGBookmark_ComponentDispatch
CacheDHComponentDispatch
CookieComponentDispatch
HTTPDataHandler_ComponentDispatch
HTTPNetwork_ComponentDispatch
InetDHComponentDispatch
NetStatus_ComponentDispatch
QTCG_ComponentDispatch
QTCacheComponent_ComponentDispatch
QTSInstallTraps
QTSUninstallTraps
RTPAudioRssm_ComponentDispatch
RTPBaseRssm_ComponentDispatch
RTPComponent_ComponentDispatch
RTPH263PlusRssm_ComponentDispatch
RTPJPEGRssm_ComponentDispatch
RTPMediaCond_ComponentDispatch
RTPPayloadMap_ComponentDispatch
RTPPureVoiceRssm_ComponentDispatch
RTPQuickTimeRssm_ComponentDispatch
RTPRcvConductor_ComponentDispatch
RTPRssmH264_ComponentDispatch
RTPRssmMPEG4Audio_ComponentDispatch
RTPRssmMPEG4Video_ComponentDispatch
RTPRssmQDesign_ComponentDispatch
RTSPConductor_ComponentDispatch
SDPImporter_ComponentDispatch
SDPMovieImport_ComponentDispatch
SHBase_ComponentDispatch
SHSound_ComponentDispatch
SHText_ComponentDispatch
SHTween_ComponentDispatch
SHVideo_ComponentDispatch
SV2Rssm_ComponentDispatch
SV3Rssm_ComponentDispatch
SVandQDPatchRssm_ComponentDispatch
ShoutCastConductor_ComponentDispatch
ShoutCastMovieImport_ComponentDispatch
SocksNetwork_ComponentDispatch
StreamMedia_ComponentDispatch
StrmURLDataHandler_ComponentDispatch
StrmURLMovieImport_ComponentDispatch
TCPNetwork_ComponentDispatch
TINI_Proc
UDPNetwork_ComponentDispatch
XMLStreamImport_ComponentDispatch

Sections

.text
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdfa736a1a8c62f89e6b47fdb8812188

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

wsock32

ws2_32

wininet

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 688KB - Virtual size: 687KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 28KB - Virtual size: 37KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 52KB - Virtual size: 52KB

.text
Size: 688KB - Virtual size: 687KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 28KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 52KB - Virtual size: 52KB