75170d7bd7f2877f2b470759dcdb6e15_JaffaCakes118

General

Target

75170d7bd7f2877f2b470759dcdb6e15_JaffaCakes118
Size

121KB
MD5

75170d7bd7f2877f2b470759dcdb6e15
SHA1

f716bb700ac2595ca00a6a2bbb4225bdb4576be6
SHA256

7525ddfb5b906e66c5e4c6e729a6a9be993c02c517d0ec18a1f59821f5c1a0c2
SHA512

44fa8df99ae402e4d5e6d481d2ae1d2fe85dadaaa7fe2c2681a9a74dc7a44e9f2829519867589914fe5d5ada9b540cad8a31adb6daa9c44855325936418616ce
SSDEEP

3072:4FoQaBWdMHJNsuNjfQU0OhgH0TNsgWCPLdpBj5RFY:4FoQJMEuuihGuNs1CPLdpBj5w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75170d7bd7f2877f2b470759dcdb6e15_JaffaCakes118

Files

75170d7bd7f2877f2b470759dcdb6e15_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d821ebe97e29eee9930e0fd91bc31098

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
SetLastError
lstrlenA
WinExec
GetProcAddress
LoadLibraryA
lstrcpyA

msvcrt

strncat
wcstombs
_ltoa
localtime
time
_beginthreadex
calloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
_itoa
_errno
atoi
sprintf
strlen
strrchr
strncpy
strstr
strcpy
strcmp
_except_handler3
malloc
free
_CxxThrowException
memcmp
??2@YAPAXI@Z
memset
__CxxFrameHandler
_ftol
ceil
memmove
memcpy
??3@YAXPAX@Z
strncmp
_strcmpi
_strrev
_strnicmp
strcat
strftime

ws2_32

sendto
WSACleanup
WSAStartup
bind
getsockname
htons
socket
recvfrom
closesocket
ntohs
inet_addr
inet_ntoa
gethostbyname
send
select
recv
__WSAFDIsSet
gethostname
setsockopt

msvcirt

??_Dofstream@@QAEXXZ
??1ofstream@@UAE@XZ
?close@ofstream@@QAEXXZ
?write@ostream@@QAEAAV1@PBDH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
??0ofstream@@QAE@XZ
??_Dfstream@@QAEXXZ
??1fstream@@UAE@XZ
?close@fstream@@QAEXXZ
?read@istream@@QAEAAV1@PADH@Z
?open@fstream@@QAEXPBDHH@Z
??0fstream@@QAE@XZ
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
??1ios@@UAE@XZ

Exports

Exports

RTPatchSetDirWalk
ServiceMain
paste

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d821ebe97e29eee9930e0fd91bc31098

Headers

File Characteristics

Imports

kernel32

msvcrt

ws2_32

msvcirt

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB