118afe4adfcedbb095f433235ca91afe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

118afe4adfcedbb095f433235ca91afe_JaffaCakes118
Size

108KB
MD5

118afe4adfcedbb095f433235ca91afe
SHA1

d1281cc4992fa790f0b6d7c8b1140c04bb8abf6e
SHA256

bb5493868689bbd9c46abb105b7699347fc07b8a5e7dc589043ddde02bc2753f
SHA512

7e3e5a2f6f9d130a07f1da7cc8417a9896502d93ecfa02b79148bbdfcca69ca63abc8bc738b15c510ce7a0e25ef5de5d31d0dfa0da4b84958ebccda9e9bb114d
SSDEEP

1536:XQKBSwlJ61kXouMoIBPJDF/GoWpSciyMWcSOvgvi9nePBnle7teeatJ5c:gKBSwlJ6yX4odR1Oovi9nmnlwceg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
118afe4adfcedbb095f433235ca91afe_JaffaCakes118

Files

118afe4adfcedbb095f433235ca91afe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

963ce897471a1c51888ea98c7286d65c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcp60

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0locale@std@@QAE@XZ
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
??_7?$basic_fstream@DU?$char_traits@D@std@@@std@@6B@
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?clear@ios_base@std@@QAEXH_N@Z
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1locale@std@@QAE@XZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

ole32

CoTaskMemFree
CoCreateGuid

wininet

InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetAttemptConnect
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA

ws2_32

htons
htonl

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
_access
strrchr
strncat
memmove
time
localtime
_mbsrchr
sprintf
fclose
_purecall
calloc
_strnicmp
strncpy
strtoul
_snprintf
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_vsnwprintf
wcslen
wcscpy
malloc
free
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_vsnprintf
strchr
__CxxFrameHandler
??2@YAPAXI@Z
_stricmp
_except_handler3
tolower

urlmon

FindMimeFromData

dbghelp

SymGetModuleBase
SymFunctionTableAccess
StackWalk
MiniDumpWriteDump

shlwapi

PathRemoveFileSpecA

psapi

GetModuleBaseNameA
GetModuleInformation

kernel32

FlushInstructionCache
CreateProcessA
GetStdHandle
CreatePipe
DuplicateHandle
FreeLibrary
SetLastError
SuspendThread
SetThreadContext
GetThreadContext
CloseHandle
CreateThread
IsBadWritePtr
GetModuleFileNameA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
CreateFileA
GetFileSize
SetFilePointer
ReadFile
IsDBCSLeadByteEx
WriteFile
IsBadReadPtr
DisableThreadLibraryCalls
GetProcAddress
LoadLibraryA
DeleteFileA
FindNextFileA
FindFirstFileA
GetModuleHandleA
VirtualQuery
ResumeThread
VirtualProtect
InterlockedCompareExchange
VirtualAlloc
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetPrivateProfileIntA
SetUnhandledExceptionFilter
Sleep
FlushFileBuffers
GetCurrentProcessId
VirtualFree

netapi32

Netbios

Exports

Exports

InitializeBugTrace

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

963ce897471a1c51888ea98c7286d65c

Headers

File Characteristics

Imports

msvcp60

ole32

wininet

ws2_32

msvcrt

urlmon

dbghelp

shlwapi

psapi

kernel32

netapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 968B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 12KB - Virtual size: 8KB