11aec7f84a14c8b23ebaf7c942bb98e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11aec7f84a14c8b23ebaf7c942bb98e0_JaffaCakes118
Size

161KB
MD5

11aec7f84a14c8b23ebaf7c942bb98e0
SHA1

e610b10ff2c0429acfd586578b24751983000854
SHA256

01e7d325398a09bbe36ae645e1dbd7a759739c0d6fbd3bf6cc5ea86818d0041e
SHA512

d5261cf12283ab6f007b8292cb7c7d1eccd6261d52e63ce1bf7737c479f14f00ebb0cfe58877c351b2b5d7c494172f1fd8459d8494efccc351b5e6c9527f7a07
SSDEEP

3072:/Q/AmejsTQkdBWOgPS7Hl9Kgpnz+VaRcFI6lXzxOhQK6Wic5U:lmeju8mzl9KgpSVoMbUC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11aec7f84a14c8b23ebaf7c942bb98e0_JaffaCakes118

Files

11aec7f84a14c8b23ebaf7c942bb98e0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

328042157b2f89b910971ec52ed00b74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlccore

EnsureUTF8
IsUTF8
decode_URI_duplicate
demux_GetParentInput
encode_URI_component
input_GetItem
input_item_AddInfo
input_item_AddOption
input_item_CopyOptions
input_item_GetName
input_item_GetURI
input_item_NewExt
input_item_NewWithType
input_item_PostSubItem
input_item_SetDuration
input_item_SetMeta
input_item_SetName
input_item_SetURI
input_item_node_AppendItem
input_item_node_AppendNode
input_item_node_Create
input_item_node_Delete
input_item_node_PostAndDelete
make_URI
msg_Generic
resolve_xml_special_chars
stream_Control
stream_Peek
stream_Read
stream_ReadLine
var_Destroy
var_Inherit
vlc_gettext
vlc_hold
vlc_object_release
vlc_plugin_set
vlc_release
xml_Create
xml_Delete

kernel32

DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_atoi64
_errno
_iob
_isctype
_pctype
_stricmp
_strnicmp
abort
atoi
atol
calloc
fflush
fgetc
fputc
free
fwrite
getenv
gmtime
localeconv
localtime
malloc
memchr
memcmp
memcpy
realloc
sscanf
strchr
strcmp
strlen
strpbrk
strrchr
strspn
strstr
strtol
toupper
vfprintf
wcslen

Exports

Exports

vlc_entry__1_1_0g
vlc_entry_copyright__1_1_0g
vlc_entry_license__1_1_0g

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gnu_deb
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

328042157b2f89b910971ec52ed00b74

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 86KB

.data Size: 512B - Virtual size: 64B

.rdata Size: 10KB - Virtual size: 9KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 165B

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.gnu_deb Size: 56KB - Virtual size: 56KB

.text
Size: 87KB - Virtual size: 86KB

.data
Size: 512B - Virtual size: 64B

.rdata
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 165B

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB

.gnu_deb
Size: 56KB - Virtual size: 56KB