df4e1e902ac7f93330afd6fa7ca8df76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df4e1e902ac7f93330afd6fa7ca8df76_JaffaCakes118
Size

161KB
MD5

df4e1e902ac7f93330afd6fa7ca8df76
SHA1

c7b6d8173ec1bacdf368c09145488481dcf409c4
SHA256

6a59405123e195816b27098d00a25782ba77274d1e0f0f301a63f1ff0ae16a39
SHA512

b167d39c02514f35d50b27664312cf6261495f868ba5b16807047e21107a8468c22ddd163d21ab9102de333d12f0dfd831bf3f388986bac2f680dff766705b81
SSDEEP

3072:o0qu8b0r7xEBBwgcFmGrBYVtFuBfkqw+LljcFVafvCjktBWQdWD8SPecjKUY:Eb0rqGgoBYfFuBfkCLsdjkKQUbBj5Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df4e1e902ac7f93330afd6fa7ca8df76_JaffaCakes118

Files

df4e1e902ac7f93330afd6fa7ca8df76_JaffaCakes118
.dll windows:4 windows x86 arch:x86

328042157b2f89b910971ec52ed00b74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlccore

EnsureUTF8
IsUTF8
decode_URI_duplicate
demux_GetParentInput
encode_URI_component
input_GetItem
input_item_AddInfo
input_item_AddOption
input_item_CopyOptions
input_item_GetName
input_item_GetURI
input_item_NewExt
input_item_NewWithType
input_item_PostSubItem
input_item_SetDuration
input_item_SetMeta
input_item_SetName
input_item_SetURI
input_item_node_AppendItem
input_item_node_AppendNode
input_item_node_Create
input_item_node_Delete
input_item_node_PostAndDelete
make_URI
msg_Generic
resolve_xml_special_chars
stream_Control
stream_Peek
stream_Read
stream_ReadLine
var_Destroy
var_Inherit
vlc_gettext
vlc_hold
vlc_object_release
vlc_plugin_set
vlc_release
xml_Create
xml_Delete

kernel32

DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_atoi64
_errno
_iob
_isctype
_pctype
_stricmp
_strnicmp
abort
atoi
atol
calloc
fflush
fgetc
fputc
free
fwrite
getenv
gmtime
localeconv
localtime
malloc
memchr
memcmp
memcpy
realloc
sscanf
strchr
strcmp
strlen
strpbrk
strrchr
strspn
strstr
strtol
toupper
vfprintf
wcslen

Exports

Exports

vlc_entry__1_1_0g
vlc_entry_copyright__1_1_0g
vlc_entry_license__1_1_0g

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gnu_deb
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

328042157b2f89b910971ec52ed00b74

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 86KB

.data Size: 512B - Virtual size: 64B

.rdata Size: 10KB - Virtual size: 9KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 165B

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.gnu_deb Size: 56KB - Virtual size: 56KB

.text
Size: 87KB - Virtual size: 86KB

.data
Size: 512B - Virtual size: 64B

.rdata
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 165B

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB

.gnu_deb
Size: 56KB - Virtual size: 56KB