6a494ed89a5a3fa12e09ff7ba9c33039_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a494ed89a5a3fa12e09ff7ba9c33039_JaffaCakes118
Size

12KB
MD5

6a494ed89a5a3fa12e09ff7ba9c33039
SHA1

3bcaccdd3a084595c3f901c5e946b81395c290ea
SHA256

b46e5ea4fde561ef438db70ced92d1394b92cd73f1db4d36afdec80da70e4082
SHA512

80724fed969bda8828d1063eee0da7c48f1ed48740b5dba6de49b61fc1da508694aaa23d87d45feda340638b5ec415f308216da32e1fd54325fc3196ac437fa6
SSDEEP

384:69rJYjHUqAoRmnwHknbjO6PaS6AD8fYtCkrDuv:69rJYjHNsPXO6PaS6AD8fYtChv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a494ed89a5a3fa12e09ff7ba9c33039_JaffaCakes118

Files

6a494ed89a5a3fa12e09ff7ba9c33039_JaffaCakes118
.dll windows:4 windows x86 arch:x86

af066538ccfb2f62173df361e9324dab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\!Development\iBundle\iModule\Release\iModule.pdb

Imports

msvcr71

__security_error_handler
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
__CppXcptFilter
??3@YAXPAX@Z
_adjust_fdiv
_initterm
_except_handler3
_CxxThrowException
malloc
free
strlen
strcat
strcpy
memcpy
memset
rand
??2@YAPAXI@Z

shlwapi

StrStrIA
StrRChrA

advapi32

RegFlushKey
SetSecurityInfo
SetEntriesInAclA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueA
RegQueryValueA
RegOpenKeyExA
RegSetValueExA

wininet

InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

ole32

CoCreateGuid
StringFromGUID2

user32

GetMessageA
CreateWindowExA
DefWindowProcA
GetCursorPos
wsprintfA
TranslateMessage
DispatchMessageA
UpdateWindow
RegisterClassA

kernel32

LocalFree
GetVersionExA
CreateFileA
WriteFile
CloseHandle
GetSystemTimeAsFileTime
CreateProcessA
GetTempPathA
lstrlenA
ReadFile
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetCurrentThreadId
QueryPerformanceCounter
SetLastError
GetLastError
lstrcatA
lstrcpyA
GetTickCount
Sleep
GetFileSize
GetCurrentProcessId
CopyFileA
GetModuleFileNameA
GetSystemDirectoryA
CreateThread
ExitProcess
PulseEvent
CreateEventA
FreeLibrary

Exports

Exports

f
i
o
s

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af066538ccfb2f62173df361e9324dab

Headers

File Characteristics

PDB Paths

Imports

msvcr71

shlwapi

advapi32

wininet

ole32

user32

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 468B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 468B

.reloc
Size: 1KB - Virtual size: 1KB