d5032449234d41a7a2cdf19af329f8b6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d5032449234d41a7a2cdf19af329f8b6_JaffaCakes118
Size

96KB
MD5

d5032449234d41a7a2cdf19af329f8b6
SHA1

34cddeeb8f11c1e5fed0f3ded574e2214550d5d5
SHA256

3ea230b91c108ea709847c146f210be7c77a99ea394694b9c1333756ddea8dd4
SHA512

7f106f388c2623d7689447fdf0547100a2ae2996e28ed0d9b6aefc5606e321867b50136addb3ff4e05980897e75604e30781e73a7afa54a825c17808aa872bcc
SSDEEP

1536:6cixt+DrdjN9DrzSyzGqwx6JDN9S4A3VxESxYYcAN2oC45:qxterlDoTxVxYYcAN2w5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5032449234d41a7a2cdf19af329f8b6_JaffaCakes118

Files

d5032449234d41a7a2cdf19af329f8b6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

46b477cc4ccc00bc589558b9cb2921dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
Sleep
CloseHandle
CreateFileW
CreateThread
WaitForSingleObject
CancelWaitableTimer
CreateWaitableTimerW
SetWaitableTimer
TerminateProcess
lstrcpyA
lstrlenA
FormatMessageW
LocalAlloc
LocalFree
GetLocaleInfoW
OpenProcess
GetVersionExW
GetTempPathW
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
GetModuleFileNameW
GetLocalTime
lstrlenW
lstrcpynW
lstrcmpW
ReadFile
WriteFile
GetFileSize
GetLastError
SetFileAttributesW
MoveFileExW
DeleteFileW
FileTimeToSystemTime
GetFileTime
GetComputerNameW

shell32

ShellExecuteW

msvcp60

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??1_Lockit@std@@QAE@XZ

msvcrt

memset
memcpy
strlen
_CxxThrowException
time
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
free
??1type_info@@UAE@XZ
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
??2@YAPAXI@Z

user32

wsprintfW
wsprintfA
GetWindowTextW
GetWindowTextLengthW
EnumWindowStationsW
EnumDesktopsW
OpenWindowStationW
CloseDesktop
EnumDesktopWindows
OpenDesktopW
GetWindowThreadProcessId

advapi32

RegCreateKeyExW
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyW

wininet

HttpOpenRequestW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetConnectW
InternetReadFile
HttpSendRequestW

shlwapi

StrStrW
StrStrIW
StrRChrW
StrChrW

psapi

GetModuleBaseNameW

Exports

Exports

acos3
actg3
asin3
atan3
cos3
ctg3
mul
p
sin3
tan3

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46b477cc4ccc00bc589558b9cb2921dd

Headers

File Characteristics

Imports

kernel32

shell32

msvcp60

msvcrt

user32

advapi32

wininet

shlwapi

psapi

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 3KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 3KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB