8bdff471b6a66c158a2f77c47152f5f4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8bdff471b6a66c158a2f77c47152f5f4_JaffaCakes118
Size

1.4MB
MD5

8bdff471b6a66c158a2f77c47152f5f4
SHA1

c7d4c499d7d9fc7678ac139527d132fe338bc278
SHA256

1deeca8c51c68fd91efdbfb02933bb4e7942931cfe7121b3708da0d9a07eac26
SHA512

d7496c6ca8c0cefd154f65d49bc3f73500063bd139764e5b081d26f56825733c2d2e0deee79ebd8067a3ad8f1887ad4c1e84beeccf8147227c27c30943377770
SSDEEP

24576:D5OZL8o5OEUpGdJaq6gNhA6bMmPA1uBBjjh3C4xW+JP:D5a8oLBbA64mPA1uBBjjhmOP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bdff471b6a66c158a2f77c47152f5f4_JaffaCakes118

Files

8bdff471b6a66c158a2f77c47152f5f4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

597554b664ff6c858d050d92c1f40cd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSASend
WSARecv

winio

GetPortVal
InitializeWinIo
ShutdownWinIo
SetPortVal

mfc42d

ord2640
ord730
ord485
ord2168
ord901
ord903
ord812
ord4402
ord4987
ord3393
ord550
ord4951
ord3572
ord1590
ord719
ord880
ord2995
ord2520
ord284
ord2291
ord734
ord4195
ord3629
ord3948
ord4017
ord1862
ord4753
ord3362
ord1364
ord3651
ord4176
ord1781
ord4118
ord5076
ord3618
ord4208
ord2078
ord1310
ord3069
ord3670
ord2076
ord1566
ord5078
ord3002
ord4064
ord1344
ord4191
ord1830
ord1631
ord4205
ord3786
ord3658
ord1952
ord1228
ord2875
ord586
ord699
ord677
ord700
ord574
ord335
ord519
ord475
ord520
ord454
ord317
ord1748
ord1766
ord1772
ord1757
ord1857
ord3524
ord2104
ord3944
ord2319
ord2621
ord3221
ord4432
ord422
ord2435
ord4896
ord4302
ord3831
ord2316
ord4589
ord4615
ord736
ord2068
ord813
ord2634
ord2383
ord985
ord3555
ord2127
ord3086
ord2353
ord3403
ord4403
ord2295
ord593
ord1511
ord2489
ord3343
ord2142
ord2133
ord345
ord4330
ord5056
ord1019
ord851
ord3042
ord4390
ord986
ord1021
ord899
ord4912
ord4391
ord573
ord556
ord1799
ord4303
ord4978
ord2409
ord1316
ord714
ord1638
ord1640
ord1639
ord293
ord316
ord3244
ord1096
ord824
ord4934
ord723
ord4126
ord3015
ord2719
ord2561
ord2406
ord507
ord3110
ord2725
ord3177
ord4596
ord3563
ord3297
ord3481
ord2128
ord1788
ord4380
ord823
ord2129
ord2255
ord3554
ord5019
ord3655
ord3517
ord3174
ord1812
ord2307
ord1043
ord685
ord493
ord487
ord684
ord492
ord706
ord728
ord528
ord2986
ord4492
ord1285
ord2021
ord285
ord726
ord551
ord1192
ord1166
ord1164
ord1186
ord1129
ord1179
ord1101
ord1157
ord3657
ord3784
ord3367
ord2431
ord3142
ord3144
ord3143
ord2339
ord2432
ord2341
ord2585
ord2473
ord3691
ord2584
ord2481
ord2340
ord4408
ord4215
ord4239
ord3826
ord3366
ord4229
ord4227
ord2661
ord1789
ord4130
ord1033
ord3231
ord4415
ord1860
ord1880
ord3702
ord5077
ord3552
ord1136
ord4266
ord1183
ord282
ord5094
ord1411
ord3369
ord1041
ord1171
ord721
ord333
ord1114
ord1087
ord1191
ord1189
ord1110
ord1050
ord2351
ord4457

msvcrtd

_adjust_fdiv
_malloc_dbg
_initterm
_free_dbg
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
??1type_info@@UAE@XZ
_ftol
fputs
sprintf
fseek
fwrite
printf
atoi
fread
memcmp
fopen
fgets
fclose
_CrtDbgReport
strcpy
abs
memset
_CxxThrowException
__CxxFrameHandler
memcpy
_chkesp
_stat

kernel32

MultiByteToWideChar
lstrcatA
lstrlenA
lstrcpyA
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileIntA
CopyFileA
FindFirstFileA
FindClose
GetModuleFileNameA
GetProcAddress
GetPrivateProfileStringA
SetCurrentDirectoryA
CreateThread
DeleteCriticalSection
HeapDestroy
WideCharToMultiByte
VirtualProtect
GetCurrentProcess
WriteProcessMemory
SetFileAttributesA
WritePrivateProfileStringA
lstrcmpiA
GetModuleHandleA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
GetProcessHeap
ReadProcessMemory
GetPrivateProfileSectionNamesA
LocalFree
LocalAlloc
FreeLibrary
LoadLibraryA
InitializeCriticalSection
Sleep
CloseHandle
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
FlushFileBuffers
WriteFile
VirtualQuery
CreateFileA

user32

EmptyClipboard
SetClipboardData
wsprintfA
OpenClipboard
ShowScrollBar
SetForegroundWindow
ReleaseDC
GetDC
MapVirtualKeyA
mouse_event
SetCursorPos
CloseClipboard
CallNextHookEx
GetSystemMetrics
GetClassNameA
GetKeyState
SetWindowsHookExA
UnhookWindowsHookEx
CharNextA
GetCursorPos
FindWindowA

gdi32

GetDIBits
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
SetDIBitsToDevice
SetStretchBltMode
SelectPalette
SetMapMode
GetPixel
DeleteDC

shell32

ShellExecuteA

ole32

CoCreateInstance

oleaut32

LoadTypeLi
SysAllocString
SysFreeString
RegisterTypeLi

wininet

InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetOpenA

Exports

Exports

ReturnShare
SdoInstallHook
SdoUninstallHook

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 649B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

597554b664ff6c858d050d92c1f40cd9

Headers

File Characteristics

Imports

ws2_32

winio

mfc42d

msvcrtd

kernel32

user32

gdi32

shell32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 104KB - Virtual size: 100KB

.data Size: 4KB - Virtual size: 264KB

.idata Size: 8KB - Virtual size: 7KB

Shared Size: 4KB - Virtual size: 649B

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 52KB - Virtual size: 49KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 104KB - Virtual size: 100KB

.data
Size: 4KB - Virtual size: 264KB

.idata
Size: 8KB - Virtual size: 7KB

Shared
Size: 4KB - Virtual size: 649B

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 52KB - Virtual size: 49KB