40f255c1ef8febf0c3d87fa2b0ec668c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40f255c1ef8febf0c3d87fa2b0ec668c_JaffaCakes118
Size

101KB
MD5

40f255c1ef8febf0c3d87fa2b0ec668c
SHA1

701b70cc85f4a40f7eae873118306cccdcd8f197
SHA256

6ba7cd31bb1b9b7698a502923992e829d3477138138742ba106a741d4e434a90
SHA512

857ca53bbfaba4fd85a1d5a05c0c300292309871b8f61668f27f0efd360eb7024df78b66be44bfa97ec3aee898c9984c66be2b89adbfbf2637c8869d7a67d5e8
SSDEEP

1536:8WQAa/xRhr5CMqKZg7lYi+VT9XrRPdlOMoerKYqcImj/cnenGFQvPDBDL4z:8F7hrhlZg76i+VT9r9OMEfcIMknquKa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40f255c1ef8febf0c3d87fa2b0ec668c_JaffaCakes118

Files

40f255c1ef8febf0c3d87fa2b0ec668c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0147d9a1374d7b28756eacd020553d24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlccore

FromLocaleDup
LocaleFree
aout_ChannelReorder
aout_ChannelsRestart
aout_CheckChannelReorder
aout_FifoFirstDate
aout_FormatNbChannels
aout_FormatPrepare
aout_OutputNextBuffer
aout_VolumeNoneInit
aout_VolumeSoftInit
config_FindConfig
mdate
msg_Generic
mwait
var_AddCallback
var_Change
var_Create
var_Destroy
var_Get
var_GetChecked
var_Inherit
var_Set
var_SetChecked
var_Type
vlc_gettext
vlc_memcpy
vlc_memset
vlc_object_create
vlc_object_kill
vlc_object_release
vlc_plugin_set
vlc_restorecancel
vlc_savecancel
vlc_thread_create
vlc_thread_join

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetEvent
Sleep
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

_stricmp
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_iob
abort
fflush
fgetc
fputc
free
fwrite
getenv
gmtime
localeconv
localtime
malloc
memchr
memcpy
realloc
strchr
strlen
strpbrk
strspn
toupper
vfprintf
wcslen

winmm

waveOutClose
waveOutGetDevCapsA
waveOutGetNumDevs
waveOutGetVolume
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutSetVolume
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

vlc_entry__1_1_0g
vlc_entry_copyright__1_1_0g
vlc_entry_license__1_1_0g

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gnu_deb
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0147d9a1374d7b28756eacd020553d24

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

kernel32

msvcrt

winmm

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 164B

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 988B

.gnu_deb Size: 56KB - Virtual size: 56KB

.text
Size: 35KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 164B

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 988B

.gnu_deb
Size: 56KB - Virtual size: 56KB