b30655be13af03e14706c568c5934fc5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b30655be13af03e14706c568c5934fc5_JaffaCakes118
Size

24KB
MD5

b30655be13af03e14706c568c5934fc5
SHA1

8a573fff2e418ce91a81b521a67bf574a7a9e051
SHA256

77e6474dfc87588e3e5bd5a95dc58e77d8b884cdd7621292fbca6c78037b62ab
SHA512

8325516440bf434b6cae8034b08ee68e31f84032e7b6cf82dd565e37a7209022cced72282ed3d2e0e8b8c405873bbf8865183ed70bca40a0f1fc6e5bed63ed52
SSDEEP

384:8z4QLJHeduRRyR1SFxQTNQc13ihVIn2ZbshIuGVmaq5moY:83bRg2xQZQc4HChIundhY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b30655be13af03e14706c568c5934fc5_JaffaCakes118

Files

b30655be13af03e14706c568c5934fc5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f47c8325689790b2a099973a6ae64388

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord4424
ord3742
ord567
ord4627
ord1187
ord4080
ord3079
ord3825
ord3831
ord3830
ord3402
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord690
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord2818
ord823
ord860
ord356
ord287
ord6139
ord2770
ord610
ord668
ord2781
ord4058
ord3178
ord536
ord941
ord924
ord389
ord5207
ord825
ord540
ord2764
ord4129
ord858
ord800
ord5710
ord2915
ord818

msvcrt

strncpy
free
malloc
atoi
__CxxFrameHandler
exit
_except_handler3
_strnicmp
fclose
fwrite
fopen
fread
_stat
strtok
_initterm
_adjust_fdiv

kernel32

GetCurrentProcess
CloseHandle
DisconnectNamedPipe
TerminateProcess
CreateProcessA
GlobalAlloc
GlobalReAlloc
GlobalSize
GlobalLock
GlobalFree
CreateToolhelp32Snapshot
Process32First
Process32Next
GetDriveTypeA
ExitProcess
CreateThread
WaitForSingleObject
Sleep
TerminateThread
WaitForMultipleObjects
GetVersionExA
DuplicateHandle
CreatePipe
ExitThread
GetLastError
ReadFile
PeekNamedPipe
WriteFile
DeleteFileA
OpenProcess
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateMutexA
GlobalUnlock
GetSystemDirectoryA
GetCurrentThreadId

user32

SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
GetDesktopWindow
CloseDesktop
GetDC
GetWindowDC
GetWindowRect
ReleaseDC
EnableWindow
CloseWindowStation
wsprintfA
GetThreadDesktop
GetProcessWindowStation
SetWindowLongA
MoveWindow
SendMessageA
ExitWindowsEx
IsWindow
OpenWindowStationA

gdi32

GetStockObject
GetObjectA
SelectPalette
RealizePalette
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDIBits
DeleteObject

advapi32

LookupPrivilegeValueA
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
RegDeleteKeyA
DeleteService
ControlService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

avicap32

capCreateCaptureWindowA

msvfw32

ICInfo
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame
ICOpen

ws2_32

gethostbyname
WSAGetLastError
send
connect
inet_ntoa
htons
inet_addr
WSAStartup
recv
closesocket
socket

winmm

timeGetTime

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

My_Share
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f47c8325689790b2a099973a6ae64388

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

urlmon

avicap32

msvfw32

ws2_32

winmm

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 1012B

My_Share Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 728B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 1012B

My_Share
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 728B

.reloc
Size: 2KB - Virtual size: 1KB