048d0b08446a448c4ff25e67d95c5220_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

048d0b08446a448c4ff25e67d95c5220_JaffaCakes118
Size

56KB
MD5

048d0b08446a448c4ff25e67d95c5220
SHA1

0c72340fd4a7c0d7fe85ebf13e78ab342e06f4bd
SHA256

a2ef763c01a63d21619db0872f7cea5f94ea5b1aa6b73761f411be3f34c83e7b
SHA512

bf43b5d44341ffbbb641e720029fb297d5579ea56a80756b57432707dc1b401d1c6c55b07f783882ecb865395273a7be2b3f623f2985e7c7c5d416ed77c4a130
SSDEEP

1536:0jzB6qzRGCzHUhbwH5SS8/VsfP2C1ZLe2Q0FHR7:0NzRGZbw0WWEnf7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
048d0b08446a448c4ff25e67d95c5220_JaffaCakes118

Files

048d0b08446a448c4ff25e67d95c5220_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c7ef649f8658a641d26c3b1aec673901

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetTimer
KillTimer

msvcp60

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

kernel32

FreeLibrary
GetFileSize
ReadFile
GetLastError
CompareFileTime
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
DebugBreak
CreateFileA
DeleteFileA
CloseHandle
GetModuleHandleA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA

msvcrt

_onexit
__dllonexit
strlen
__CxxFrameHandler
_EH_prolog
_vsnprintf
strrchr
strchr
??2@YAPAXI@Z
strncpy
strncat
_strlwr
memset
strcmp
_splitpath
strftime
localtime
time
_purecall
memmove
_access
strstr
atoi
_stricmp
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

CreateComponent
GetComponentIDs
SetDLLRegistry
SetFactoryHandle
TenioDllCanUnloadNow
TenioDllFreeMap
TenioSetDllSafe

Sections

.text
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xbxdd
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7ef649f8658a641d26c3b1aec673901

Headers

File Characteristics

Imports

user32

msvcp60

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 44KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

.xbxdd Size: 1KB - Virtual size: 4KB

.text
Size: 41KB - Virtual size: 44KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

.xbxdd
Size: 1KB - Virtual size: 4KB