dcf7d5799988c15a61e5130ba958765d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dcf7d5799988c15a61e5130ba958765d_JaffaCakes118
Size

128KB
MD5

dcf7d5799988c15a61e5130ba958765d
SHA1

6547556726a2bcf33c3c70dc27d17bf7d48fa02e
SHA256

7531f23b109ed05ac9681d89240665a75adeeae9747e7ef4190fb1bce417a4fb
SHA512

5b076dcf38f77cf82399910ebae15c51c069e1f1019e6e21f02d7ff06b0d96c3d69de4cab716c45f4fc2a443433f0016ed4f617a0ea284366b152d8ed92efb07
SSDEEP

3072:v+RFc6KZ3zAK0+TkqaCPKahVjhQVuh3pCgi:v+En3WbRMzhVjhMuh3pQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcf7d5799988c15a61e5130ba958765d_JaffaCakes118

Files

dcf7d5799988c15a61e5130ba958765d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f1cfb16a386df122a3c7d5b0cf688f59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetProcAddress
LoadLibraryA
VirtualAlloc
Sleep
FreeLibrary
FindClose
LocalFree
LocalReAlloc
GetFileSize
ReadFile
GetCurrentProcess
DeleteFileA
MoveFileExA
MoveFileA
ResumeThread
GetLocalTime
MapViewOfFile
HeapAlloc
GlobalFree
GlobalAlloc
GetStartupInfoA
CreatePipe
PeekNamedPipe
DeviceIoControl
GlobalMemoryStatus
GetSystemInfo
lstrcpyA
GetVersionExA
SetErrorMode
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
GetTickCount
CreateEventA

user32

GetDC
DispatchMessageA
TranslateMessage
SendMessageA
IsWindow
CreateWindowExA
GetThreadDesktop
OpenInputDesktop
CloseDesktop
IsWindowVisible
GetMessageA
CharNextA
MessageBoxA
GetWindowTextA
EnumWindows
wsprintfA
LoadCursorA
GetCursorInfo
DestroyCursor
mouse_event
CloseClipboard
SetRect

shell32

SHGetFileInfoA
SHGetSpecialFolderPathA

shlwapi

SHDeleteKeyA

msvcrt

_beginthreadex
realloc
strncat
_errno
strncmp
atoi
calloc
??1type_info@@UAE@XZ
_strnicmp
_strupr
wcstombs
strncpy
strrchr
_except_handler3
free
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
memmove
ceil
_ftol
strstr
_CxxThrowException
strchr
_strcmpi

winmm

waveOutUnprepareHeader
waveOutClose
waveOutReset
waveInClose
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInUnprepareHeader
waveOutWrite
waveInStop
waveInReset
waveInStart

ws2_32

socket
recv
send
htons
__WSAFDIsSet
connect

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ

msvfw32

ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICClose
ICSeqCompressFrameEnd
ICCompressorFree
ICSeqCompressFrame

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

Exports

Exports

LonelyMain
Startup

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1cfb16a386df122a3c7d5b0cf688f59

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

msvcrt

winmm

ws2_32

msvcp60

msvfw32

wtsapi32

userenv

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 11KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 11KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB