dcffaa9ff2799fd24f0b751b1d80aaf0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dcffaa9ff2799fd24f0b751b1d80aaf0_JaffaCakes118
Size

18KB
MD5

dcffaa9ff2799fd24f0b751b1d80aaf0
SHA1

6063856f2dcf7dd2f37742e9562a974036c27aaf
SHA256

684550923ba95f40622e653c2f7792612848ade9cbf8d538426f03afb2d47727
SHA512

db049bd52c2c7d1d0bf7379507e075f2d401f09dfcf537301855a5e065577ab5bd6f6e9b6637b1aa73421583c53017e18a2e53bbb4084dcfaeefb23680ebd5d6
SSDEEP

384:hKQs2YU4/pDbxNZRN2zWoiWvf1lnazf+6KA95jsAociRWwjGLuX:hKzJD1NZSzWV01lnaruA95jjOKLu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcffaa9ff2799fd24f0b751b1d80aaf0_JaffaCakes118

Files

dcffaa9ff2799fd24f0b751b1d80aaf0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

993a55a88b8cf517934361596eae11d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
WriteProcessMemory
VirtualAllocEx
ExitProcess
GetProcAddress
Sleep
CreateRemoteThread
DeviceIoControl
CreateFileA
GetVersionExA
SetFileAttributesA
DeleteFileA
GetSystemDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
CopyFileA
GetPrivateProfileSectionA
CloseHandle
GetWindowsDirectoryA
FindClose
FindFirstFileA
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter

advapi32

RegCloseKey
RegOpenKeyExA

shell32

SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteExA
SHGetSpecialFolderLocation

msvcr71

??3@YAXPAX@Z
strncat
strcpy
strlen
time
strcat
strncpy
memset
memcpy
printf
sprintf
strchr
_ultoa
_except_handler3
difftime
atoi
rename
strcmp
__CxxFrameHandler
_beginthread
__security_error_handler
_itoa

netapi32

Netbios

Exports

Exports

??0Copendll@@QAE@XZ
??4Copendll@@QAEAAV0@ABV0@@Z
?fnopendll@@YAHXZ
?nopendll@@3HA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

993a55a88b8cf517934361596eae11d4

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

msvcr71

netapi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 1024B - Virtual size: 960B

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 1024B - Virtual size: 960B