499afbf4459ed6300603bf0e58e1f407_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

499afbf4459ed6300603bf0e58e1f407_JaffaCakes118
Size

142KB
MD5

499afbf4459ed6300603bf0e58e1f407
SHA1

c3f1eb88ba3236e741e049f828ad50c3beb1a6d3
SHA256

43d4ca0228f07390368612facf80773968ae4b62a4b0e8b9fcc79d53551285eb
SHA512

1452b132a6eef95d753d7cd479468e695b9daa72199f536470228138ef9caf06c0e01b8bce481ab370c6dd6c1b8a9619bedd046fd3e5de8068b77025363999e7
SSDEEP

3072:W15u4Jh3G8kpchn2zripmDV37VrTAV2vmm1:W1p12zripUJO2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
499afbf4459ed6300603bf0e58e1f407_JaffaCakes118

Files

499afbf4459ed6300603bf0e58e1f407_JaffaCakes118
.dll windows:4 windows x86 arch:x86

31aa61281e6db0e0adf09fda099dcfa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
LoadLibraryW
GetWindowsDirectoryW
GetProcAddress
GetEnvironmentVariableW
MoveFileExW
FreeLibrary
lstrlenW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetLastError
InterlockedIncrement
WaitForSingleObjectEx
SetUnhandledExceptionFilter
lstrlenA
WideCharToMultiByte
InterlockedCompareExchange
LocalFree
GlobalFree
lstrcmpA
GetDateFormatA
GetSystemTime
MultiByteToWideChar
CreateFileW
lstrcmpiW
GetFileAttributesExW
CompareFileTime
CloseHandle
InterlockedDecrement
lstrcpynW
LoadLibraryExA
CompareStringW
GetFileAttributesW
WaitForSingleObject
CreateThread
FormatMessageW
GetComputerNameW
Sleep
InterlockedExchange
HeapAlloc
GetProcessHeap
GetTickCount
GetCommandLineA
LocalAlloc
VirtualProtect

user32

LoadCursorW
WinHelpW
SetWindowLongW
GetClientRect
MoveWindow
SendMessageW
GetDlgItem
GetWindowRect
MapWindowPoints
SetWindowTextW
LoadStringW
SetFocus
GetFocus
SetCursor
EnableWindow

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegFlushKey
RegCloseKey
RegEnumKeyExW

ole32

CoCreateInstance
CoGetMalloc
CoUninitialize
CoTaskMemAlloc

rpcrt4

RpcEpResolveBinding
RpcStringFreeW
RpcBindingSetOption
RpcStringBindingComposeW
RpcMgmtInqServerPrincNameW
RpcRaiseException
RpcBindingFromStringBindingW
RpcBindingFree
RpcBindingSetAuthInfoW
NdrClientCall2

msvcrt

_XcptFilter
exit
_initterm
memmove
memcpy
wcsrchr
malloc
free
_amsg_exit
_adjust_fdiv
_except_handler3
__CxxFrameHandler
??3@YAXPAX@Z

msvcp60

??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31aa61281e6db0e0adf09fda099dcfa1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

msvcp60

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 33KB - Virtual size: 66KB

.rsrc Size: 46KB - Virtual size: 45KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 33KB - Virtual size: 66KB

.rsrc
Size: 46KB - Virtual size: 45KB

.reloc
Size: 3KB - Virtual size: 2KB