44ab5fc06b5cb0a139cd3e927620c11a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44ab5fc06b5cb0a139cd3e927620c11a_JaffaCakes118
Size

296KB
MD5

44ab5fc06b5cb0a139cd3e927620c11a
SHA1

7f4cb30cb6e1fa7215ec347b57c1ef8f5eac426a
SHA256

79fe2a4198c5fd0b25ef5a84548fc2243a333de086d22b5dbf38d993ad15e554
SHA512

5174ed01ae0efdc4e601c6831aa69181937967fd8d3282f8fc3343856faf6499229b0d115c6194bfa689e714a4abe16e940dbceb096a6ae5735bb65f664ad632
SSDEEP

3072:gELhOSG4Jrl/QtjYq1bflWTI5biaJHUx8HP5ozQ2Gc/vYeMru6Q1bdZjgYwOyK/P:gwnrdAYq1DlWTGKGaKu6ejpOXg42Zwt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44ab5fc06b5cb0a139cd3e927620c11a_JaffaCakes118

Files

44ab5fc06b5cb0a139cd3e927620c11a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

156024c557dc5ba2e8c47106e8a1cb94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohs
getpeername
htonl

kernel32

ResetEvent
DeviceIoControl
SetEvent
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
Sleep
InitializeCriticalSection
WaitForSingleObjectEx
TerminateThread
CreateThread
SetThreadPriority
GetCurrentProcess
GetCurrentThreadId
GetVersionExA
GetSystemInfo
CompareStringW
CreateFileA
CreateFileW
GetSystemDirectoryW
DeleteFileA
GetSystemDirectoryA
lstrcmpA
VirtualAlloc
VirtualFree
CreateEventA
InterlockedIncrement
GetTickCount
GetSystemTimeAsFileTime
GetProcAddress
LoadLibraryW
FreeLibrary
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
WriteFile
HeapAlloc
HeapFree
HeapReAlloc
EnumSystemLocalesA
GetUserDefaultLCID
IsValidLocale
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLastError
PulseEvent
CloseHandle
CreateMutexA
WaitForSingleObject
ReleaseMutex
SetUnhandledExceptionFilter
ExitProcess
ExitThread
OutputDebugStringA
FlushFileBuffers
InterlockedDecrement
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
GetCommandLineA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetConsoleCP
GetConsoleMode
GetLocaleInfoW

advapi32

CreateServiceW
ChangeServiceConfigW
QueryServiceStatus
StartServiceW
OpenServiceW
UnlockServiceDatabase
LockServiceDatabase
CloseServiceHandle
OpenSCManagerW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
QueryServiceConfigW

Exports

Exports

DeinitServerExtension
InitServerExtension
_ReflectiveLoader@0

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

156024c557dc5ba2e8c47106e8a1cb94

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 128KB - Virtual size: 149KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 128KB - Virtual size: 149KB

.reloc
Size: 13KB - Virtual size: 13KB