3d4b42fbaaa21181cda577d3f87aa640_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3d4b42fbaaa21181cda577d3f87aa640_JaffaCakes118
Size

64KB
MD5

3d4b42fbaaa21181cda577d3f87aa640
SHA1

3c6279fdc9e160f59cdb7d2d384e9b54c262b139
SHA256

c5d59ee2827af7990e8295698b45b082a2d3c3be7aa5ed44c2b91f738931eb15
SHA512

b4a82f4e645d065e377e3e543c07ad2c734cf4c383238c505fa3b6629365a914b49bad7992a262b04168560d21db1584055d4049a52b3ac0539f7b15aca3b833
SSDEEP

768:v8IwhSKjSEfeXO86sOFiWwSF0DN4OxT6SSpfk9N7:QSZKeXQsOcnTypMv7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d4b42fbaaa21181cda577d3f87aa640_JaffaCakes118

Files

3d4b42fbaaa21181cda577d3f87aa640_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7c217f080728680913f3c6b0f19bf5eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFreeEx
VirtualAllocEx
FindClose
FindNextFileA
lstrcmpiA
lstrcatA
GetCurrentProcess
Module32First
VirtualProtectEx
GetModuleHandleA
ReleaseMutex
CreateMutexA
DeleteFileA
GetModuleFileNameA
CopyFileA
TerminateProcess
GlobalFree
GlobalUnlock
IsBadReadPtr
InitializeCriticalSection
GetTempPathA
CreateFileA
ReadFile
GetLastError
CloseHandle
GetCurrentProcessId
DisableThreadLibraryCalls
WaitForSingleObject
Sleep
LoadLibraryA
GetProcAddress
WinExec
lstrcpyA
lstrlenA
GetTickCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

user32

wsprintfA
GetWindowThreadProcessId
EnumWindows
SetThreadDesktop
OpenWindowStationA
ReleaseDC
GetDC
GetWindowTextA
GetForegroundWindow
GetWindowRect
OpenDesktopA

gdi32

GetNearestPaletteIndex
DeleteObject
CreateHalftonePalette
GetPaletteEntries

advapi32

SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

ws2_32

getpeername
WSAStartup
closesocket
send
recv
select
connect
ioctlsocket
htons
socket
gethostbyname

msvcrt

fopen
fflush
fclose
strncpy
sprintf
strlen
free
malloc
strstr
fwrite
fputc
_beginthreadex
atoi
memcmp
_onexit
__dllonexit
_purecall
_splitpath
wcscmp
strchr
isprint
memset
memcpy
__CxxFrameHandler
??2@YAPAXI@Z
strcat
strrchr
strcpy
sscanf

shlwapi

StrStrIA

imagehlp

MakeSureDirectoryPathExists

Exports

Exports

Install
_Install@16

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shard
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c217f080728680913f3c6b0f19bf5eb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcp60

ws2_32

msvcrt

shlwapi

imagehlp

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 18KB - Virtual size: 4.1MB

shard Size: 10KB - Virtual size: 9KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 18KB - Virtual size: 4.1MB

shard
Size: 10KB - Virtual size: 9KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 14KB - Virtual size: 13KB