43e585932340e70d0b9056ff2f2883ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43e585932340e70d0b9056ff2f2883ef_JaffaCakes118
Size

1.3MB
MD5

43e585932340e70d0b9056ff2f2883ef
SHA1

9d383c2e3e66b14eac276e792a156b90d869ed31
SHA256

e7c576dda11c73cf9e3d726e41e1b9b99d06b67a0f972496afa1f5538b11adcc
SHA512

7aa5ac3bd475fe14407b1ae88b6e97e6f2755a7dbae4f298169000929f879d527cd84c19b9853a0565d6495255ec9bfcc98df463caf18d6b894fa57dd3cf2b68
SSDEEP

12288:yiYBp1ZFU3SHiMc/qRQw6BiG7XX+NHYFMnlnZ5MGVjUdF2zR0dkOyWP:fRt/qR56R+NBlZ5MGqdF2zR0dfyWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43e585932340e70d0b9056ff2f2883ef_JaffaCakes118

Files

43e585932340e70d0b9056ff2f2883ef_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cd0599725daa219f5dd08a6e8969132c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSASend
WSARecv

winio

GetPortVal
InitializeWinIo
ShutdownWinIo
SetPortVal

mfc42d

ord2640
ord730
ord485
ord2168
ord901
ord903
ord4402
ord4987
ord3393
ord550
ord4951
ord3572
ord1590
ord719
ord880
ord2995
ord2520
ord284
ord813
ord734
ord4195
ord3629
ord3948
ord4017
ord1862
ord4753
ord3362
ord1364
ord3651
ord4176
ord1781
ord4118
ord5076
ord3618
ord4208
ord2078
ord1310
ord3069
ord3670
ord2076
ord1566
ord5078
ord3002
ord4064
ord1344
ord4191
ord1830
ord1631
ord4205
ord3786
ord3658
ord1952
ord1228
ord2875
ord586
ord699
ord677
ord700
ord574
ord335
ord519
ord475
ord520
ord454
ord317
ord1748
ord1766
ord1772
ord1757
ord1857
ord3524
ord2104
ord3944
ord2319
ord2621
ord3221
ord4432
ord422
ord2435
ord4896
ord4302
ord2291
ord3831
ord736
ord4589
ord4615
ord2351
ord2068
ord2634
ord2383
ord985
ord3555
ord2127
ord3086
ord2353
ord3403
ord4403
ord2295
ord593
ord3517
ord2133
ord345
ord812
ord2129
ord4330
ord5056
ord1019
ord851
ord3042
ord4390
ord986
ord1021
ord899
ord573
ord556
ord1799
ord4303
ord4978
ord2409
ord1316
ord4457
ord1050
ord1640
ord1639
ord293
ord316
ord3244
ord1096
ord824
ord4934
ord723
ord4126
ord3015
ord2719
ord2561
ord2406
ord507
ord3110
ord2725
ord3177
ord4596
ord3563
ord3297
ord3481
ord2128
ord1788
ord4380
ord2255
ord3554
ord1812
ord5019
ord823
ord3655
ord3174
ord2307
ord1043
ord1101
ord1179
ord1129
ord1186
ord1164
ord1166
ord1192
ord551
ord726
ord285
ord714
ord685
ord493
ord487
ord684
ord492
ord706
ord728
ord528
ord2986
ord4492
ord1285
ord2021
ord3657
ord3784
ord3367
ord2431
ord3142
ord3144
ord3143
ord2339
ord2432
ord2341
ord2585
ord2473
ord3691
ord2584
ord2481
ord2340
ord4408
ord4215
ord4239
ord3826
ord3366
ord4229
ord4227
ord2661
ord1789
ord4130
ord1033
ord3231
ord4415
ord1860
ord1880
ord3702
ord5077
ord3552
ord1136
ord4266
ord1183
ord282
ord5094
ord1411
ord3369
ord1041
ord1171
ord721
ord1157
ord333
ord1114
ord1087
ord1191
ord1189
ord1110
ord2316
ord1638

msvcrtd

_adjust_fdiv
_malloc_dbg
_initterm
_free_dbg
?terminate@@YAXXZ
_chkesp
memcpy
__CxxFrameHandler
_CxxThrowException
memset
abs
_CrtDbgReport
fclose
fgets
fopen
memcmp
sprintf
strcpy
fread
atoi
printf
fwrite
fseek
fputs
_ftol
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3

kernel32

lstrcatA
lstrlenA
lstrcpyA
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileIntA
CopyFileA
DeleteFileA
FindFirstFileA
FindClose
GetModuleFileNameA
GetProcAddress
SetFileAttributesA
GetPrivateProfileStringA
SetCurrentDirectoryA
CreateThread
WritePrivateProfileStringA
MultiByteToWideChar
HeapDestroy
GetModuleHandleA
VirtualQuery
VirtualProtect
GetCurrentProcess
WriteProcessMemory
lstrcmpiA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
GetProcessHeap
GetPrivateProfileSectionNamesA
LocalFree
LocalAlloc
WideCharToMultiByte
FreeLibrary
LoadLibraryA
InitializeCriticalSection
Sleep
CloseHandle
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
FlushFileBuffers
DeleteCriticalSection
CreateFileA
WriteFile

user32

OpenClipboard
EmptyClipboard
SetForegroundWindow
MapVirtualKeyA
CharNextA
wsprintfA
SetClipboardData
ShowScrollBar
ReleaseDC
GetDC
keybd_event
mouse_event
SetCursorPos
CloseClipboard
CallNextHookEx
GetSystemMetrics
GetClassNameA
GetKeyState
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
FindWindowA

gdi32

SetMapMode
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDIBits
DeleteDC
DeleteObject
GetPixel

shell32

ShellExecuteA

ole32

CoCreateInstance

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi

wininet

InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetOpenA

Exports

Exports

ReturnShare
SdoInstallHook
SdoUninstallHook

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd0599725daa219f5dd08a6e8969132c

Headers

File Characteristics

Imports

ws2_32

winio

mfc42d

msvcrtd

kernel32

user32

gdi32

shell32

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 92KB - Virtual size: 89KB

.data Size: 4KB - Virtual size: 224KB

.idata Size: 8KB - Virtual size: 7KB

Shared Size: 4KB - Virtual size: 304B

.rsrc Size: 16KB - Virtual size: 12KB

.reloc Size: 48KB - Virtual size: 46KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 92KB - Virtual size: 89KB

.data
Size: 4KB - Virtual size: 224KB

.idata
Size: 8KB - Virtual size: 7KB

Shared
Size: 4KB - Virtual size: 304B

.rsrc
Size: 16KB - Virtual size: 12KB

.reloc
Size: 48KB - Virtual size: 46KB