42d1f7fcbfcda4f6423d142584b9b365_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42d1f7fcbfcda4f6423d142584b9b365_JaffaCakes118
Size

14KB
MD5

42d1f7fcbfcda4f6423d142584b9b365
SHA1

3182caac3d6985b5be0f3d68feeca911e2d5f276
SHA256

03f40cbbc7cbac7287f39ddb3d4f439affdd9c302146810967b18fb46aa61da1
SHA512

f638d8fbdfa7c2caae1cb2340c79ab8b17f54320e1ecb236c06bb141132fd8a73ee778551a577e06d3733aac35a8b239f1c596ca8281b5b2a8424c51748317be
SSDEEP

192:7mmwbb5VuE94eUo+01ulUCTYsyctRwsLk5Hh79PpefzlzyN0DG2viLXACAEOy13:ullz+01u+CpywRwsQhdp7FDYO/6jjt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d1f7fcbfcda4f6423d142584b9b365_JaffaCakes118

Files

42d1f7fcbfcda4f6423d142584b9b365_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8f2a6ea84054e041fe406fc378236f0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\testss\plugin\browser.pdb

Imports

shlwapi

PathFileExistsA

kernel32

Sleep
GetShortPathNameA
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
GetCurrentProcess
GetPrivateProfileStringA
InterlockedExchange
LocalFree

user32

FindWindowExA
PostMessageA
FindWindowA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

shell32

SHChangeNotify

oleaut32

VariantClear

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

msvcr80

_crt_debugger_hook
_onexit
_lock
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__dllonexit
_unlock
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
atoi
??3@YAXPAX@Z
__clean_type_info_names_internal
??2@YAPAXI@Z
free
__CxxFrameHandler3
_CxxThrowException
memset
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit

Exports

Exports

readA
readB
readC
readD
readE
readF

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f2a6ea84054e041fe406fc378236f0d

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

advapi32

shell32

oleaut32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 428B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 428B

.reloc
Size: 1KB - Virtual size: 1KB