d701f6048bfad5c9d5526153da82a3f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d701f6048bfad5c9d5526153da82a3f2_JaffaCakes118
Size

140KB
MD5

d701f6048bfad5c9d5526153da82a3f2
SHA1

b68531168fd0aa1492f877b25baffb4cc88e0261
SHA256

7a9d190c2c91454b351b7672b2146e7698609b8b333a585649f71a74a4a95c09
SHA512

211d720e0d23dabfb0403878e8a9c0369ee5c376a55036ff57c143e5699a8f23c242e55b5e293eebaf17eb6c57a26de197affc49e7aaec96d805e2389f36712b
SSDEEP

3072:7g1ZcWxJ9ormCIus8JhnuV7DdZqsSqxa5fVXi5g:E7xvormCbscwHq795fo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d701f6048bfad5c9d5526153da82a3f2_JaffaCakes118

Files

d701f6048bfad5c9d5526153da82a3f2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09f13d3919b5224527842d789e73ac35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalUnlock
GetLocalTime
LocalAlloc
UnmapViewOfFile
PeekNamedPipe
FindNextFileA
GetDriveTypeA
GetProcAddress
lstrcpyA
GetVersionExA
lstrcmpA
FreeLibrary
GetPrivateProfileSectionNamesA
LoadLibraryA
GetSystemInfo
InterlockedExchange
RaiseException
GetLastError

gdi32

DeleteDC
GetDIBits
CreateDIBSection
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt

advapi32

RegDeleteValueA
GetTokenInformation
LookupAccountSidA
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
AdjustTokenPrivileges
RegCreateKeyExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegCloseKey
RegQueryValueA

msvcrt

realloc
wcstombs
_beginthreadex
calloc
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
strncat
_adjust_fdiv
__CxxFrameHandler
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_strnset
_strrev
_except_handler3
strcmp
strcpy
strcat
memcmp
_CxxThrowException
memmove
strlen
malloc
_ftol
_strnicmp

winmm

waveOutOpen
waveOutPrepareHeader
waveInUnprepareHeader
waveOutGetNumDevs
waveInStop
waveInGetNumDevs
waveOutWrite
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveInClose

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetOpenUrlA
InternetCloseHandle

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICSeqCompressFrameEnd
ICClose
ICSendMessage

psapi

EnumProcessModules
GetModuleFileNameExA

Exports

Exports

ClassInfo
ClassName
DCODELL
DMissll
MynNEG
SchoolInfo
main

Sections

.rdata
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09f13d3919b5224527842d789e73ac35

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

msvcrt

winmm

msvcp60

wininet

avicap32

msvfw32

psapi

Exports

Exports

Sections

.rdata Size: 112KB - Virtual size: 108KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 6KB

.rdata
Size: 112KB - Virtual size: 108KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 6KB