0ad51b5fb979f10f2dc5a1c5ad98af85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ad51b5fb979f10f2dc5a1c5ad98af85_JaffaCakes118
Size

196KB
MD5

0ad51b5fb979f10f2dc5a1c5ad98af85
SHA1

f5ce065144fd70d5f69b5f0ee42fafa20f171a98
SHA256

bd16da3152bd58b5f6041e4cbfae6fca2b58109b7237534e712a1a17d5111f34
SHA512

07d16a99e69906383d158df77843825263481d47ee3ec93fef4a56caa78140be2521922ad44a90b958afd99034b05c849916fce42de52dfe1d21f09f705d39b1
SSDEEP

3072:SOMFNBVqgU246JCnrJhhwows9BI3pKox3tQKK8FR/yRZn:BM/U2rCrJRws9q3AoRt7K8L/69

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ad51b5fb979f10f2dc5a1c5ad98af85_JaffaCakes118

Files

0ad51b5fb979f10f2dc5a1c5ad98af85_JaffaCakes118
.dll windows:4 windows x86 arch:x86

90981dbddcff34314720f4cefbdb614d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\z00105600_view_UTPS_LATEST\Tc_utps_code\Utps_v100r001\utps\solution\win32\DialUpPlugin\Release\DialUpPlugin.pdb

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

shell32

SHGetFolderPathW

iphlpapi

GetIfTable

msvcp71

?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?_Nomemory@std@@YAXXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

malloc
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
__security_error_handler
_except_handler3
free
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
wcscat
wcscmp
time
sprintf
_snprintf
_wcsicmp
_wtoi
swprintf
wcscpy
__RTDynamicCast
??_V@YAXPAX@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_purecall
_CxxThrowException
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
??3@YAXPAX@Z
_itoa

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateThread
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
CreateThread
CloseHandle
GetProcAddress
LoadLibraryW
LocalFree
FormatMessageW
GetVersionExW
Sleep
CreateEventW
GlobalFree
GlobalAlloc
FreeLibrary
SetFileAttributesW
GetFileAttributesW
WaitForMultipleObjects
WideCharToMultiByte
MultiByteToWideChar
CreateMutexA
WaitForSingleObject
ReleaseMutex
ResetEvent

Exports

Exports

CreatePlugin

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90981dbddcff34314720f4cefbdb614d

Headers

File Characteristics

PDB Paths

Imports

setupapi

shell32

iphlpapi

msvcp71

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 9KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 108KB - Virtual size: 108KB