1e3a6e5538f972b402842949e3a28e31_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1e3a6e5538f972b402842949e3a28e31_JaffaCakes118
Size

392KB
MD5

1e3a6e5538f972b402842949e3a28e31
SHA1

68c7f1d1937240a771561e3aed0fa978ca757d68
SHA256

f6ed1f0968da100209de23ca8c56c5c4a279aeedcf6387965783f8269dd31c45
SHA512

40e50e4e9b90c65dbb5452cc490ac879cc90958e8b1b6cc6be68b92bfee4674df3217e359277d2e8454a0ebac1ea1f33bb4f3cb5b8ca1c14b9319e72a5efe4f3
SSDEEP

6144:IRD4MlqMABEN37jt9ZA3H8DaLCw0w6LhMA8aF8pVqEDFqf1b/3C:IRZQOrcHwwH6tMzaFg8EDcf1r3C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e3a6e5538f972b402842949e3a28e31_JaffaCakes118

Files

1e3a6e5538f972b402842949e3a28e31_JaffaCakes118
.dll windows:4 windows x64 arch:x64

f7d8d90ab54224232700ea66b03425f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ntdll

__chkstk

shlwapi

StrStrIW

winmm

mciSendStringA
waveInGetDevCapsA
mciSendStringW
midiOutReset
waveInGetDevCapsW
midiOutGetDevCapsW
auxGetDevCapsW
waveOutSetPitch
midiInStart

user32

GetTopWindow

advapi32

CopySid

Exports

Exports

ConfigStartMenu
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DllGetVersion
GetProgramsOnline
NewLinkHereW
RunFODW
RunOCMW
RunSPADW

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pwmi
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uclgtf
Size: 1024B - Virtual size: 735B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kfmznp
Size: 1024B - Virtual size: 1022B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zgjovr
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.revkhp
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7d8d90ab54224232700ea66b03425f4

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shlwapi

winmm

user32

advapi32

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 224KB - Virtual size: 223KB

.data Size: 6KB - Virtual size: 5KB

.pdata Size: 1024B - Virtual size: 540B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.pwmi Size: 2KB - Virtual size: 2KB

.uclgtf Size: 1024B - Virtual size: 735B

.kfmznp Size: 1024B - Virtual size: 1022B

.zgjovr Size: 2KB - Virtual size: 1KB

.revkhp Size: 8KB - Virtual size: 7KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 224KB - Virtual size: 223KB

.data
Size: 6KB - Virtual size: 5KB

.pdata
Size: 1024B - Virtual size: 540B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB

.pwmi
Size: 2KB - Virtual size: 2KB

.uclgtf
Size: 1024B - Virtual size: 735B

.kfmznp
Size: 1024B - Virtual size: 1022B

.zgjovr
Size: 2KB - Virtual size: 1KB

.revkhp
Size: 8KB - Virtual size: 7KB