faa52f74b34ecbb4da1f5f66920f1b48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

faa52f74b34ecbb4da1f5f66920f1b48_JaffaCakes118
Size

19KB
MD5

faa52f74b34ecbb4da1f5f66920f1b48
SHA1

f44a379e1228b42bc256f2b635e77e44af18ff7c
SHA256

3469821aa98e022098c081329d2444c5d4d7d9b7796fb9d5a223608cceabdb88
SHA512

acebd8adc3a79712e7132f1d964a68334fdd0c164a73ea126f383232e3126c9166ecf62be5052aac973488ad325a92d8bacf041bb367107e4a0bf9ca6be98251
SSDEEP

384:dnJvJrBo0/XRtcVyShRZSxXz/fqsEnA/db:dnJvJrBo6BOYShRM1/mA/db

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa52f74b34ecbb4da1f5f66920f1b48_JaffaCakes118

Files

faa52f74b34ecbb4da1f5f66920f1b48_JaffaCakes118
.dll windows:6 windows x86 arch:x86

7869cea5b8ed15340d474f19d5c4789b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\xampp\htdocs\Loct\e82fde472de24cbe85bf7bb3f2584a6b\Loader\qocjasgs\Release\qocjasgs.pdb

Imports

kernel32

lstrcpyA
SetLastError
LocalFree
GetProcessHeap
HeapAlloc
lstrlenA
EnumResourceTypesA

mpr

WNetGetProviderNameW
WNetGetUserA
WNetCancelConnectionA
WNetGetLastErrorA
WNetGetNetworkInformationA
WNetCancelConnection2W

user32

GetMenuState
IsCharLowerA
PeekMessageA
CharPrevA
DdeConnect
GetMenuItemCount

wininet

FtpRenameFileA
FreeUrlCacheSpaceW
GopherCreateLocatorW
InternetHangUp
LoadUrlCacheContent
InternetGetCookieW

winmm

midiOutMessage
midiOutCacheDrumPatches
timeEndPeriod
joyGetThreshold

comdlg32

ChooseColorW
PageSetupDlgA
ReplaceTextW
CommDlgExtendedError

loadperf

UnloadPerfCounterTextStringsA
LoadPerfCounterTextStringsA
UnloadPerfCounterTextStringsW
LoadPerfCounterTextStringsW

ole32

UtConvertDvtd32toDvtd16
WriteOleStg
StgCreateDocfileOnILockBytes
OleGetClipboard
HMENU_UserMarshal
StgOpenStorage
HENHMETAFILE_UserSize

advapi32

RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyExA
RegDeleteKeyExA
RegCreateKeyExA
GetUserNameA

msvcrt

sprintf
memcpy

Exports

Exports

nsbng

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7869cea5b8ed15340d474f19d5c4789b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

mpr

user32

wininet

winmm

comdlg32

loadperf

ole32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B