2a68ecb83dd3a8589857ccf54bbd0355_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a68ecb83dd3a8589857ccf54bbd0355_JaffaCakes118
Size

388KB
MD5

2a68ecb83dd3a8589857ccf54bbd0355
SHA1

0516eca40b20f4f9fe4f6249a42ba18897edfcf5
SHA256

eb67d4abd8d2c4c77f31873742463d069e0e57f4776eaaf97b5c08f9a3aa4e84
SHA512

e1fae78f3f16ae981552f1f9c3c991be0c50485473bbff6a7f5be63a9364f9e06ebbc9116b28ea02b9f67cf6a785acac16e5fe585c68e63c9416d86d2ce6a3b0
SSDEEP

6144:wRD4MlqMABEN37jt9ZA3H8DaLCw0w6LhMA8aF8pVqEDFqf1b/3C:wRZQOrcHwwH6tMzaFg8EDcf1r3C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a68ecb83dd3a8589857ccf54bbd0355_JaffaCakes118

Files

2a68ecb83dd3a8589857ccf54bbd0355_JaffaCakes118
.dll windows:4 windows x64 arch:x64

f7d8d90ab54224232700ea66b03425f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ntdll

__chkstk

shlwapi

StrStrIW

winmm

mciSendStringA
waveInGetDevCapsA
mciSendStringW
midiOutReset
waveInGetDevCapsW
midiOutGetDevCapsW
auxGetDevCapsW
waveOutSetPitch
midiInStart

user32

GetTopWindow

advapi32

CopySid

Exports

Exports

CreateXmlReader
CreateXmlReaderInputWithEncodingCodePage
CreateXmlReaderInputWithEncodingName
CreateXmlWriter
CreateXmlWriterOutputWithEncodingCodePage
CreateXmlWriterOutputWithEncodingName

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pwmi
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uclgtf
Size: 1024B - Virtual size: 735B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kjc
Size: 1024B - Virtual size: 735B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zlr
Size: 1024B - Virtual size: 735B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsd
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cumu
Size: 512B - Virtual size: 431B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res
Size: 512B - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7d8d90ab54224232700ea66b03425f4

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shlwapi

winmm

user32

advapi32

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 224KB - Virtual size: 223KB

.data Size: 6KB - Virtual size: 5KB

.pdata Size: 1024B - Virtual size: 540B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.pwmi Size: 2KB - Virtual size: 2KB

.uclgtf Size: 1024B - Virtual size: 735B

.kjc Size: 1024B - Virtual size: 735B

.zlr Size: 1024B - Virtual size: 735B

.dsd Size: 3KB - Virtual size: 3KB

.cumu Size: 512B - Virtual size: 431B

.res Size: 512B - Virtual size: 318B

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 224KB - Virtual size: 223KB

.data
Size: 6KB - Virtual size: 5KB

.pdata
Size: 1024B - Virtual size: 540B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB

.pwmi
Size: 2KB - Virtual size: 2KB

.uclgtf
Size: 1024B - Virtual size: 735B

.kjc
Size: 1024B - Virtual size: 735B

.zlr
Size: 1024B - Virtual size: 735B

.dsd
Size: 3KB - Virtual size: 3KB

.cumu
Size: 512B - Virtual size: 431B

.res
Size: 512B - Virtual size: 318B