713a4af6992a7d02669692d1404c1096_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

713a4af6992a7d02669692d1404c1096_JaffaCakes118
Size

62KB
MD5

713a4af6992a7d02669692d1404c1096
SHA1

bd30a93d46a2b26aabd772d520f156ceb2a51025
SHA256

61564b1e42ff1803c6d431fb2c3db4ab3c2939225413a5a984653b5e84e3ee6b
SHA512

116c728d1919f4312d54661e03a1d4c29cecdd8485b4ad872004ecb9ef76d8cd7788cfee582c27a6dfcdb2e3e74d5d3ba4b559a9bc557219767a6307442a1a64
SSDEEP

384:/PE2zsSITjoPsyJ0i4TvMwTdKNKuNAUTMeOkN4fMxMBdIe1wrcxUxi:U2zGTj/Y4TNcM8IenN4UxMBdIgjSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
713a4af6992a7d02669692d1404c1096_JaffaCakes118

Files

713a4af6992a7d02669692d1404c1096_JaffaCakes118
.dll windows:4 windows x86 arch:x86

568d4cde4cab52731b48b236221844bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
ReleaseMutex
GetLastError
VirtualFreeEx
VirtualAllocEx
FindClose
FindNextFileA
lstrcmpiA
lstrcatA
CloseHandle
GetCurrentProcess
Module32First
VirtualProtectEx
GetModuleHandleA
ReadFile
GetFileSize
WideCharToMultiByte
GetPrivateProfileStringA
CreateMutexA
DeleteFileA
GetModuleFileNameA
CopyFileA
TerminateProcess
GlobalFree
GlobalUnlock
DisableThreadLibraryCalls
MultiByteToWideChar
CreateFileA
GetTempPathA
GetCurrentProcessId
GetTickCount
WaitForSingleObject
Sleep
LoadLibraryA
GetProcAddress
WinExec
lstrcpyA
lstrlenA

user32

GetWindowRect
GetForegroundWindow
GetWindowThreadProcessId
wsprintfA
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
OpenWindowStationA
ReleaseDC
GetDC

gdi32

GetNearestPaletteIndex
DeleteObject
GetPaletteEntries
CreateHalftonePalette

advapi32

SetSecurityDescriptorDacl
LookupPrivilegeValueA
OpenProcessToken

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

shlwapi

StrRStrIA
StrStrIA

msvcrt

strchr
strlen
strncat
_splitpath
_purecall
free
__dllonexit
_onexit
sscanf
strstr
atoi
memset
strcmp
strcpy
_beginthreadex
__CxxFrameHandler
_itoa
??2@YAPAXI@Z
memcpy
fclose
fputc
fwrite
fopen
fflush

imagehlp

MakeSureDirectoryPathExists

ws2_32

WSAStartup
gethostbyname
getpeername

Exports

Exports

GetName
_GetName@16

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

568d4cde4cab52731b48b236221844bb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcp60

shlwapi

msvcrt

imagehlp

ws2_32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.bss Size: - Virtual size: 64KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 29KB - Virtual size: 29KB

.CRT Size: 512B - Virtual size: 4B

shard Size: 10KB - Virtual size: 9KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.bss
Size: - Virtual size: 64KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 29KB - Virtual size: 29KB

.CRT
Size: 512B - Virtual size: 4B

shard
Size: 10KB - Virtual size: 9KB

.reloc
Size: 3KB - Virtual size: 2KB