JaffaCakes118_b86a36df8d86ef63d40fd590498740e0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b86a36df8d86ef63d40fd590498740e0
Size

428KB
MD5

b86a36df8d86ef63d40fd590498740e0
SHA1

d195ee140eea6305d611cd113b09fd9f90bcee0f
SHA256

3de1963e7b3059b8bdc478488eb223b68809750f136ec59979d4667a69fdc204
SHA512

2f739ef10829b120a1559fcfa3a62299111c5f892dbf319c1c5445d2df846730600fea9140d08fe61a7eb91fbded969c0f9eac8165b53b67c76411ff275ea2f1
SSDEEP

12288:epsye6NII3ZecCxJ4SVTk5Je1fHnYBhNOO5mml7p1SuZVf6d6EOGRjO70LvgSnTi:mFBLD4LvNnwJLVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b86a36df8d86ef63d40fd590498740e0

Files

JaffaCakes118_b86a36df8d86ef63d40fd590498740e0
.dll windows:5 windows x86 arch:x86

750e9c96a91eef250b03dc7e69be2566

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\build\source\rjrmjpln\rel32\rjrmjpln.pdb

Imports

kernel32

lstrcpyA
SetErrorMode
FindClose
GetDiskFreeSpaceA
GetWindowsDirectoryA
GetModuleFileNameA
FindFirstFileA
GetDriveTypeA
FindNextFileA
GlobalMemoryStatus
GetTickCount
GetFileSize
GetSystemInfo
UnmapViewOfFile
GetLastError
MapViewOfFile
CreateFileMappingA
lstrlenA
CloseHandle
GetSystemDirectoryA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempPathA
GetTempFileNameA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetProcAddress
CreateFileA
FreeLibrary
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

user32

GetSystemMetrics
CharNextA
CharPrevA
wsprintfA

advapi32

RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

msvcr90

strstr
fopen
strncmp
fclose
fread
_splitpath
__CxxFrameHandler3
memset
rename
remove
fwrite
fseek
ftell
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_close
_chsize
?_open@@YAHPBDHH@Z
atoi
_strlwr
free
_purecall
strtok
ceil
floor
malloc
realloc
_ismbcspace
sprintf
_vsnprintf
memmove
_stricmp
getenv
strrchr
_ismbblead
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
atof
strchr
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
printf
_errno
_chmod
vsprintf
_time32
_lseek
_read
_write
_get_osfhandle
_fstat32
_lseeki64
_telli64
vfprintf
fprintf
_control87
_findclose
_findnext32
_findfirst32
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
strncpy
memcpy
qsort
??2@YAPAXI@Z
_creat
_chdir
??3@YAXPAX@Z
_open
_sopen
_tell
_getpid
_strnicmp
_localtime32
__timezone
_tzset
_ftime32
_itoa
_putenv
_mkdir
_rmdir
_unlink
_getcwd

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

ole32

CoCreateGuid

Exports

Exports

MPACreateComponentInstance

Sections

.text
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

750e9c96a91eef250b03dc7e69be2566

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

version

msvcr90

msvcp90

ole32

Exports

Exports

Sections

.text Size: 277KB - Virtual size: 277KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 33KB - Virtual size: 34KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 15KB - Virtual size: 14KB

.rmnet Size: 71KB - Virtual size: 72KB

.text
Size: 277KB - Virtual size: 277KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 33KB - Virtual size: 34KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 14KB

.rmnet
Size: 71KB - Virtual size: 72KB