cf02da30b38a1a6c4e3c32cad3c8a992_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf02da30b38a1a6c4e3c32cad3c8a992_JaffaCakes118
Size

62KB
MD5

cf02da30b38a1a6c4e3c32cad3c8a992
SHA1

a8b0e6f13e2619d27b5628fcaf98edc078417120
SHA256

cc08d37cde43f877263bd8d34ec8245be60d2adf9f2a4cabdd1b3293cc5b7190
SHA512

fdc05a7259e88d77e88f4cff8177f003a8c0c7e231c4033e7ffdadaac9bb00ced19dc1fcd8e0d446817b4a64c000bbdcf14c7b8c6df6825ef4c423e1a8dad33d
SSDEEP

384:ZoCYRs7EroL2CJfiwvfZp+KVbnBB4UtbfPdUN4fMxMpdDewrcb1A:7YR9rBHwJBdFtqN4UxMpdDYy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf02da30b38a1a6c4e3c32cad3c8a992_JaffaCakes118

Files

cf02da30b38a1a6c4e3c32cad3c8a992_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ceb2f4d7fc3dd7b9a1f0aaf6d8bccc38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
ReleaseMutex
GetLastError
VirtualFreeEx
VirtualAllocEx
lstrcmpiA
FindClose
FindNextFileA
lstrcatA
CloseHandle
GetCurrentProcess
Module32First
VirtualProtectEx
GetModuleHandleA
ReadFile
GetFileSize
WideCharToMultiByte
GetPrivateProfileStringA
CreateMutexA
DeleteFileA
GetModuleFileNameA
CopyFileA
TerminateProcess
GlobalFree
GlobalUnlock
DisableThreadLibraryCalls
MultiByteToWideChar
CreateFileA
GetTempPathA
GetCurrentProcessId
GetTickCount
WaitForSingleObject
Sleep
LoadLibraryA
GetProcAddress
WinExec
lstrlenA
lstrcpyA

user32

GetWindowRect
GetForegroundWindow
GetWindowThreadProcessId
wsprintfA
OpenDesktopA
SetProcessWindowStation
OpenWindowStationA
ReleaseDC
GetDC
SetThreadDesktop

gdi32

GetNearestPaletteIndex
GetPaletteEntries
DeleteObject
CreateHalftonePalette

advapi32

SetSecurityDescriptorDacl
LookupPrivilegeValueA
OpenProcessToken

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

shlwapi

StrRStrIA

msvcrt

strchr
strlen
strncat
_splitpath
_purecall
free
__dllonexit
_onexit
sscanf
??2@YAPAXI@Z
atoi
memset
strcmp
strcpy
_beginthreadex
__CxxFrameHandler
strstr
_itoa
memcpy
fclose
fputc
fwrite
fopen
fflush

imagehlp

MakeSureDirectoryPathExists

ws2_32

WSAStartup
gethostbyname
getpeername

Exports

Exports

GetName
_GetName@16

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ceb2f4d7fc3dd7b9a1f0aaf6d8bccc38

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcp60

shlwapi

msvcrt

imagehlp

ws2_32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.bss Size: - Virtual size: 64KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 29KB - Virtual size: 29KB

.CRT Size: 512B - Virtual size: 4B

shard Size: 10KB - Virtual size: 9KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.bss
Size: - Virtual size: 64KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 29KB - Virtual size: 29KB

.CRT
Size: 512B - Virtual size: 4B

shard
Size: 10KB - Virtual size: 9KB

.reloc
Size: 3KB - Virtual size: 2KB