a38c12f895da2f5674332bb777dcd1ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a38c12f895da2f5674332bb777dcd1ab_JaffaCakes118
Size

81KB
MD5

a38c12f895da2f5674332bb777dcd1ab
SHA1

0232530524e73c999b24c2d5d472b316b6f871e2
SHA256

eeebcfea325ddbc2f6c34ee5ecd14044fe0c935ab5d98fc42a32ee05865a1bde
SHA512

0fb73c2ae9f485d7b4aaecccc1adc960733f0593627c1ea9b39d44a2ede81131b5af1152c4a4c6adbafd74a3b72137b112fb4820bc842c3d7e9d95cd0e1fdc05
SSDEEP

1536:n71pstipkwd0KVsVxzpWWRpWiqDXM2rRixj8DqzQaFw:xpstipkwXE6diqF1iKDqz1Fw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a38c12f895da2f5674332bb777dcd1ab_JaffaCakes118

Files

a38c12f895da2f5674332bb777dcd1ab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7a68905e482c1335eaf2588ebb712c0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord5683
ord4278
ord6663
ord5608
ord4203
ord690
ord665
ord1988
ord1979
ord3318
ord2803
ord6385
ord353
ord5207
ord389
ord4698
ord5356
ord5807
ord5204
ord6426
ord1228
ord1187
ord5856
ord1168
ord4079
ord2725
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord1116
ord4486
ord6375
ord4204
ord538
ord6467
ord1247
ord4274
ord2614
ord6877
ord6648
ord4277
ord939
ord536
ord922
ord940
ord6143
ord6145
ord941
ord5863
ord4202
ord2764
ord5861
ord543
ord2818
ord803
ord823
ord1105
ord3584
ord4129
ord540
ord541
ord568
ord537
ord535
ord860
ord926
ord924
ord858
ord800
ord2915
ord5572
ord6883
ord542
ord802
ord825
ord819
ord801

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
time
srand
atoi
exit
_iob
fprintf
strcmp
atol
calloc
rand
strlen
realloc
malloc
memset
memcpy
free
_stricmp
strncpy
_CxxThrowException
__CxxFrameHandler

kernel32

GetSystemDirectoryA
GetModuleHandleA
GetModuleFileNameA
lstrlenA
GetWindowsDirectoryA
DeleteFileA
CreateThread
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
LoadLibraryA
GetProcAddress
FreeLibrary
LeaveCriticalSection
Sleep
InterlockedDecrement
EnterCriticalSection
GetTempPathA
LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
SleepEx

advapi32

AdjustTokenPrivileges
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

ole32

CoCreateGuid
StringFromGUID2

urlmon

URLDownloadToFileA

wsock32

socket
htons
htonl
inet_addr
WSAGetLastError
closesocket
WSASetLastError
gethostbyaddr
select
__WSAFDIsSet
send
connect
setsockopt
ioctlsocket
recv

dnsapi

DnsRecordListFree
DnsQuery_A

shlwapi

PathFileExistsA

Exports

Exports

GetMd5
GetMd5ByFileName
GetModuleId
GetModuleVersion
ModuleStartup
NotifyFromServer
NotifyServer
OnKernelEventReceived

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a68905e482c1335eaf2588ebb712c0f

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

advapi32

shell32

ole32

urlmon

wsock32

dnsapi

shlwapi

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 9KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 9KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB