64b29fc86081a48c092d79dfcad8da72_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64b29fc86081a48c092d79dfcad8da72_JaffaCakes118
Size

310KB
MD5

64b29fc86081a48c092d79dfcad8da72
SHA1

7247b6f6992c2e94ea305b7ddbf5296a6b30573c
SHA256

a0646f8326630d54f5ef86aa18d6cc036e0468422eb3043a4ad68772f735fd64
SHA512

8955e1a35e6934d7e24208ee37151bc4d2a3e78f080f4436904543456d0237adccb80a6beb53e385032227f535216c06ff82cdb1bb948b6017311c207e61325b
SSDEEP

6144:r2TOnZn94lr1v6RU/bWfin1nZr01ltj7PHeK6GZTT1NVvb53u:rMOn59Q1iRUKfo9u1LjLHeK6OnV13u

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Influ3nz4 PH/inj.exe
unpack001/Influ3nz4 PH/x11.dll

Files

64b29fc86081a48c092d79dfcad8da72_JaffaCakes118
.zip
Influ3nz4 PH/inj.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Deluxor\d3d\inj\inj\obj\x86\Debug\inj.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 664KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 103B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 647KB - Virtual size: 646KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Influ3nz4 PH/x11.dll
.dll windows:5 windows x86 arch:x86

c4e13769c417c5b0d6c55b126f48bc26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Deluxor\Desktop\d3d\cabal_untamed_ph\Release\cabal_untamed_ph.pdb

Imports

kernel32

TerminateThread
Sleep
Beep
SetThreadPriority
CloseHandle
GetTempPathA
CreateThread
GetSystemTimeAsFileTime
GetCurrentProcessId
DecodePointer
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
EncodePointer

user32

GetKeyState

msvcp100

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Incref@facet@locale@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xlength_error@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_BADOFF@std@@3_JB

msvcr100

_fseeki64
fflush
fgetc
fsetpos
setvbuf
_lock_file
??3@YAXPAX@Z
memcpy_s
fwrite
fclose
exit
??2@YAPAXI@Z
__CxxFrameHandler3
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_except_handler4_common
fgetpos
ungetc
_unlock_file
memmove
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
fputc
memcpy
_CxxThrowException

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 664KB - Virtual size: 663KB

.sdata Size: 512B - Virtual size: 103B

.rsrc Size: 647KB - Virtual size: 646KB

.reloc Size: 512B - Virtual size: 12B

c4e13769c417c5b0d6c55b126f48bc26

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp100

msvcr100

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 664KB - Virtual size: 663KB

.sdata
Size: 512B - Virtual size: 103B

.rsrc
Size: 647KB - Virtual size: 646KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1KB - Virtual size: 1KB