?getAuthServer@@YAPAVAuthServer@@XZ
Static task: static1
Behavioral task: behavioral1
  Sample: How to crack vray for sketchup 1.49.01.doc
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: How to crack vray for sketchup 1.49.01.doc
  Resource: win10v2004-20241007-en
Behavioral task: behavioral3
  Sample: cgauth.dll
  Resource: win7-20240903-en
Behavioral task: behavioral4
  Sample: cgauth.dll
  Resource: win10v2004-20241007-en
General
Target: 2ebe629587e1b0aaf980c4bbe3150b6d_JaffaCakes118
Size: 67KB
MD5: 2ebe629587e1b0aaf980c4bbe3150b6d
SHA1: 7912556addb3e13c20c74913d0fa2c775b206b3c
SHA256: b13e9d7e0a4ad4c960e35a79082f225150db2c2ee025b8b8ea71944d42aa927c
SHA512: e5264459dd723db644b48d345c1f34cb7372abfaa03d2c0f4a562a959ff5cc8779e211aa24057788ab5ffd74ed31f6069deba9f812287a429c67ac1959c6af6a
SSDEEP: 1536:FRg9QQAz+YPO5sEcO0Hvu8nP+8B0xdjOfDrE30nWHBTXA++:fg9oz+YP6sbHL+8B0mfEGWHBTk
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource unpack001/cgauth.dll
Files
2ebe629587e1b0aaf980c4bbe3150b6d_JaffaCakes118.zip
How to crack vray for sketchup 1.49.01.doc.doc windows office2003
VRFLServer2.xml
cgauth.dll.dll windows:4 windows x86 arch:x86
f9ae0f5027378700b327234707b84f95
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
WaitForSingleObject
SetEvent
ResetEvent
CreateEventA
GetLocalTime
GetVolumeInformationA
GetEnvironmentVariableA
CreateDirectoryA
GetTickCount
InterlockedDecrement
Sleep
InterlockedExchange
InterlockedIncrement
OutputDebugStringA
CreateMutexA
GetLastError
CloseHandle
GetFileSize
CreateFileA
SetFilePointer
GlobalAlloc
SetLastError
GlobalFree
InterlockedCompareExchange
TlsAlloc
GetSystemInfo
TlsSetValue
TlsFree
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
SetThreadPriority
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TryEnterCriticalSection
WriteFile
FindFirstFileA
FindClose
ReadFile
SetEndOfFile
FreeLibrary
LoadLibraryA
GetProcAddress
FlushFileBuffers
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
shell32
SHGetFolderPathA
ws2_32
shutdown
closesocket
send
recv
setsockopt
getsockname
recvfrom
listen
bind
accept
socket
htons
htonl
connect
sendto
WSACleanup
WSAStartup
gethostbyname
ntohl
inet_addr
WSAGetLastError
msvcp80
?_Xlen@_String_base@std@@SAXXZ
?_Xran@_String_base@std@@SAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
msvcr80
srand
_invalid_parameter
_CxxThrowException
memcpy_s
memmove_s
_localtime64
_time64
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
sscanf
atoi
getenv
fclose
fprintf
fopen
strncpy
malloc
memmove
tolower
strncmp
rand
_vsnprintf
_beginthread
?terminate@@YAXXZ
_except_handler3
__dllonexit
_onexit
??1type_info@@UAE@XZ
_malloc_crt
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_local_unwind2
__clean_type_info_names_internal
sprintf
__CxxFrameHandler
??3@YAXPAX@Z
_purecall
??_V@YAXPAX@Z
free
memset
memcpy
_stricmp
??2@YAPAXI@Z
user32
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
Exports
Sections
.text Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text1 Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ