61297a3081abfce36329278b230b53f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61297a3081abfce36329278b230b53f3_JaffaCakes118
Size

176KB
MD5

61297a3081abfce36329278b230b53f3
SHA1

be37a30578cac4f4496573ccc8edd19f3e465e6c
SHA256

1be4b6964a1a393f510311ff916899dc7234fe7c41af6be241b878331fa72895
SHA512

afe95cff4d383651fdb052247abaff8578e66ed6a8c12f9ce546dcac1953e026ebf13fbd6642d023dd0ae50430dbf596c45910ec1eaa059118951e5261127605
SSDEEP

3072:SqOYf+FA24w8P75UFCsdbVb8n2ARkD9DTVF9QLQid0SWl10+W9dTo8:S7hFa5UFC7lkDlTPOLdz+10t9dU8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61297a3081abfce36329278b230b53f3_JaffaCakes118

Files

61297a3081abfce36329278b230b53f3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

25ad30fb3daa90f52ef620f75665f454

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcAddress
LoadLibraryA
VirtualAlloc
Sleep
FreeLibrary
FindClose
LocalFree
LocalReAlloc
GetFileSize
ReadFile
GetCurrentProcess
DeleteFileA
MoveFileA
ResumeThread
GetLocalTime
MapViewOfFile
HeapAlloc
GlobalFree
GlobalAlloc
GetStartupInfoA
CreatePipe
PeekNamedPipe
DeviceIoControl
GlobalMemoryStatus
GetSystemInfo
SetErrorMode
GetTempPathA
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
GetTickCount
CreateEventA

user32

SetRect
CreateWindowExA
GetThreadDesktop
OpenInputDesktop
CloseDesktop
IsWindowVisible
GetMessageA
CharNextA
MessageBoxA
GetWindowTextA
EnumWindows
wsprintfA
LoadCursorA
DestroyCursor
mouse_event
CloseClipboard
GetDC
DispatchMessageA
GetCursorInfo
TranslateMessage
SendMessageA
IsWindow

shell32

SHGetFileInfoA
SHGetSpecialFolderPathA

shlwapi

SHDeleteKeyA

msvcrt

wcstombs
realloc
strncat
_errno
strncmp
calloc
??1type_info@@UAE@XZ
_strnicmp
_strupr
_beginthreadex
atoi
strncpy
strrchr
_except_handler3
free
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
memmove
ceil
_ftol
strstr
_CxxThrowException
strchr
malloc
_strcmpi

winmm

waveOutClose
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader
waveInAddBuffer

ws2_32

__WSAFDIsSet
connect
socket
send
recv
htons

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ

msvfw32

ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICClose
ICSeqCompressFrameEnd
ICCompressorFree
ICSeqCompressFrame

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

Exports

Exports

LonelyMain
Startup

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25ad30fb3daa90f52ef620f75665f454

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

msvcrt

winmm

ws2_32

msvcp60

msvfw32

wtsapi32

userenv

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 10KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 10KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB