159eefff12dab35a1247b70d1c4613ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

159eefff12dab35a1247b70d1c4613ea_JaffaCakes118
Size

279KB
MD5

159eefff12dab35a1247b70d1c4613ea
SHA1

f3d72b49e194e7f149f0792efe24173e3f3701e4
SHA256

9c642758b22450a7e8b0890c1c308982eb27fbdd7f423f468bd6444704e6384f
SHA512

fcca1ea2f94d978a85ab5056e96ba0ee00ac745619335de29370b9269f48d7096b423bd9afaf342f10da8099b327768c8bab396c5721d30e599d0a7b618f1818
SSDEEP

6144:jyFogKQIIII1gNdAYbHYSjGbVmqBhNPFfZtG4sVTvFv8SZE:jWogUbHhjGb8iPHtGdFv8w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
159eefff12dab35a1247b70d1c4613ea_JaffaCakes118

Files

159eefff12dab35a1247b70d1c4613ea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

349d1c212a43ab0af2b06e7fe22fa871

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\GitHub\hg5fm\jhPrimeminer\src\bin\jhPrimeminer.pdb

Imports

mpir

__gmpz_tdiv_q_2exp
__gmpz_sub
__gmpz_tdiv_ui
__gmpz_powm
__gmpz_tdiv_r
__gmpz_set
__gmpz_init_set
__gmpz_mul
__gmpz_tdiv_q
__gmpz_import
__gmpz_divisible_ui_p
__gmpz_mul_ui
__gmpz_cmp
__gmpz_tdiv_q_ui
__gmpz_cmp_ui
__gmp_get_memory_functions
__gmpz_get_str
__gmpz_set_si
__gmpz_mul_2exp
__gmpz_add_ui
__gmpz_init_set_si
__gmpz_clear
__gmpz_sub_ui
__gmpz_init

kernel32

GetStringTypeW
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
WriteConsoleW
RtlUnwind
GetProcessHeap
SetStdHandle
GetTimeZoneInformation
LoadLibraryW
CreateFileW
DeleteCriticalSection
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetHandleCount
LCMapStringW
ExitProcess
SetPriorityClass
GetCurrentProcess
GetTickCount
InitializeCriticalSection
Sleep
SetThreadPriority
EnterCriticalSection
GetSystemInfo
CreateThread
CreateFileA
WriteFile
ReadFile
FlushFileBuffers
CloseHandle
OutputDebugStringA
GetFileSize
SetFilePointer
SetEndOfFile
QueryPerformanceCounter
GetCurrentThreadId
GetLastError
GetProcAddress
GetModuleHandleA
GetVersion
GetFileType
GetStdHandle
MultiByteToWideChar
HeapCreate
GetModuleFileNameW
SetLastError
TlsFree
SetEnvironmentVariableA
CompareStringW
LeaveCriticalSection
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
IsProcessorFeaturePresent
RaiseException
HeapSetInformation
EncodePointer
DecodePointer
HeapAlloc
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetSystemTimeAsFileTime
GetModuleHandleW
HeapFree
HeapReAlloc
GetTimeFormatA
GetDateFormatA
WideCharToMultiByte
GetConsoleCP
GetCommandLineA

user32

GetProcessWindowStation
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW

advapi32

ReportEventA
RegisterEventSourceA
DeregisterEventSource

ws2_32

connect
inet_addr
select
htons
socket
closesocket
send
WSAStartup
gethostbyname
WSAIoctl
WSAGetLastError
recv

Exports

Exports

OPENSSL_Applink

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

349d1c212a43ab0af2b06e7fe22fa871

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mpir

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 87KB - Virtual size: 87KB

.data Size: 6KB - Virtual size: 95KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 87KB - Virtual size: 87KB

.data
Size: 6KB - Virtual size: 95KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 20KB - Virtual size: 19KB