4036b4bb113fbea8846cab5aff3eb628_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4036b4bb113fbea8846cab5aff3eb628_JaffaCakes118
Size

130KB
MD5

4036b4bb113fbea8846cab5aff3eb628
SHA1

095f56a9e24d86b13b7d110db18765c1c73457b1
SHA256

87b02bc03802c3338bdfb550f48ae9622f09ad7f9817093a51ed21fac042feec
SHA512

fb69b194aefa2b29ee3283017cbda3af0df0ab46f6bf7f8f0822b418db6aab45e4e8b485c8e767d9059a4375eb43bf44de08bc72c50373764f957d2921dc8adf
SSDEEP

3072:AxsAVfGtJRQgPnM+Vr8QbWsyMBj/FY18EQ:mG/RQgPDVAQbthi8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4036b4bb113fbea8846cab5aff3eb628_JaffaCakes118

Files

4036b4bb113fbea8846cab5aff3eb628_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5b3f55b28a310b0dfc15b45faddb9369

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlccore

access_GetParentInput
block_Alloc
decode_URI
input_GetItem
input_item_NewExt
input_item_PostSubItem
msg_Generic
msleep
net_Connect
net_Gets
net_OpenDgram
net_Printf
net_Read
net_Write
var_Create
var_GetChecked
var_Inherit
var_SetChecked
vlc_b64_encode
vlc_cancel
vlc_clone
vlc_getnameinfo
vlc_iconv
vlc_iconv_close
vlc_iconv_open
vlc_join
vlc_mutex_destroy
vlc_mutex_init
vlc_mutex_lock
vlc_mutex_unlock
vlc_object_release
vlc_plugin_set
vlc_poll
vlc_rand_bytes
vlc_release
vlc_restorecancel
vlc_savecancel

kernel32

DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_iob
_stricmp
abort
atoi
calloc
fflush
fgetc
fputc
free
fwrite
getenv
gmtime
localeconv
localtime
malloc
memchr
memcpy
memmove
realloc
strchr
strlen
strpbrk
strspn
strstr
toupper
vfprintf
wcslen

ws2_32

closesocket
getsockname
recv

Exports

Exports

vlc_entry__1_1_0g
vlc_entry_copyright__1_1_0g
vlc_entry_license__1_1_0g

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gnu_deb
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b3f55b28a310b0dfc15b45faddb9369

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

kernel32

msvcrt

ws2_32

Exports

Exports

Sections

.text Size: 61KB - Virtual size: 61KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 167B

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.gnu_deb Size: 56KB - Virtual size: 56KB

.text
Size: 61KB - Virtual size: 61KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 167B

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB

.gnu_deb
Size: 56KB - Virtual size: 56KB