7918628396d083f554cd635a3342a513_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7918628396d083f554cd635a3342a513_JaffaCakes118
Size

124KB
MD5

7918628396d083f554cd635a3342a513
SHA1

c464acb80d59e2adf6b41165454031fd937fb24e
SHA256

2e1b1632f731d0bf06e54b098ebaa758937d9326bf88f6f895c2e752acee6005
SHA512

eb5f19aeac1d0585193acd9f35f3ce0bc8e123143331cfbbba4f3615f7db522d740c818ca597bd78238a3677cb435a8ca71042fee663e38fb983307406bf7a70
SSDEEP

3072:vJwzWt1BXEzi7YNCVVBsUDJMOgdLVlEu:vJF1Qi7c0uJdJSu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7918628396d083f554cd635a3342a513_JaffaCakes118

Files

7918628396d083f554cd635a3342a513_JaffaCakes118
.dll windows:4 windows x86 arch:x86

73823ec4f624fd98e7635622bc666a5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohs
inet_ntoa
getpeername
getsockname
WSCEnumProtocols
closesocket
WSAGetLastError
send

mfc42

ord6143
ord6139
ord389
ord5207
ord353
ord6385
ord2803
ord3318
ord1979
ord1988
ord665
ord690
ord1154
ord6467
ord354
ord5857
ord5442
ord533
ord5194
ord798
ord5465
ord1997
ord6407
ord3726
ord5829
ord5606
ord772
ord500
ord5860
ord1158
ord5863
ord6663
ord6145
ord6779
ord940
ord287
ord568
ord819
ord610
ord823
ord4278
ord5861
ord5683
ord6648
ord5608
ord860
ord922
ord2818
ord4202
ord540
ord541
ord941
ord939
ord924
ord6877
ord6883
ord2915
ord926
ord535
ord858
ord4129
ord4277
ord2764
ord538
ord537
ord825
ord801
ord800
ord5186

msvcrt

_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
atoi
realloc
srand
time
wcstombs
rand
malloc
_purecall
free
_itoa
__CxxFrameHandler
memcpy
memset
calloc

kernel32

GetSystemDirectoryA
GetWindowsDirectoryA
GetProcAddress
GetModuleHandleA
WaitForSingleObject
TlsGetValue
LeaveCriticalSection
EnterCriticalSection
SetLastError
ResetEvent
TlsSetValue
lstrlenA
CreateThread
GetLastError
CreateMutexA
DeleteFileA
OutputDebugStringA
Sleep
GetLocaleInfoA
GetTempPathA
GetTickCount
LoadLibraryA
FreeLibraryAndExitThread
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
ExpandEnvironmentStringsA
GetVersionExA
GetQueuedCompletionStatus
WaitForSingleObjectEx
PostQueuedCompletionStatus
ReleaseSemaphore
CreateIoCompletionPort
CreateSemaphoreA
GetSystemInfo
TlsFree
TlsAlloc
GetModuleFileNameA

user32

RegisterClassA
CreateWindowExA
SetWindowLongA
GetWindowLongA
DefWindowProcA
LoadCursorA
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
PostThreadMessageA
LoadIconA

gdi32

GetStockObject

advapi32

RegDeleteValueA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegSetValueExA

shell32

ShellExecuteA

ole32

CoCreateGuid
StringFromGUID2

Exports

Exports

WSPStartup

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73823ec4f624fd98e7635622bc666a5c

Headers

File Characteristics

Imports

ws2_32

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.text1 Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 5KB

.data1 Size: 16KB - Virtual size: 12KB

.reloc Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 71KB

.text1
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 5KB

.data1
Size: 16KB - Virtual size: 12KB

.reloc
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 4KB