e7cfb9f3c6d1407de4f50fcbdb80dacc_JaffaCakes118

General

Target

e7cfb9f3c6d1407de4f50fcbdb80dacc_JaffaCakes118
Size

130KB
MD5

e7cfb9f3c6d1407de4f50fcbdb80dacc
SHA1

cd92efdfafb2985c2cc515bce744a0c8274b586d
SHA256

d51a55d307114b61977feebacb63443fb2f17445bab9fe62dbb9c70f45b82556
SHA512

6f13d4bc6fce9604fd46f6d8a7b829618d9e22148c9f6bcec282dce6ed5e87fb6d0a91ff0f28a1cc8efeb0f45aa5f6d5a5286f7003ec8a9011e49e68ba94e6a6
SSDEEP

1536:Od8REBw+Ks576DlNEf/muW+3z76iUoxPQ678xI7qr0i5vmuZz0KMMiU1aoauY:Od8yB55cN2vHPLwq49h0KMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7cfb9f3c6d1407de4f50fcbdb80dacc_JaffaCakes118

Files

e7cfb9f3c6d1407de4f50fcbdb80dacc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantClear
VariantCopyInd
SysAllocStringLen
SysFreeString
LoadTypeLib

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceA
CloseServiceHandle
AdjustTokenPrivileges
OpenServiceA

ole32

CoCreateInstance
CoRegisterClassObject
CLSIDFromProgID
CoRegisterMessageFilter
CoResumeClassObjects
CreateOleAdviseHolder
StringFromGUID2
ReadClassStg
OleUninitialize
OleLockRunning
GetConvertStg
CreateStreamOnHGlobal
CLSIDFromString

kernel32

FlushFileBuffers
LoadLibraryA
LoadResource
WriteFile
TlsGetValue
MapViewOfFile
SleepEx
FreeResource

msvcrt

__getmainargs
memchr
free
fflush
exit
__set_app_type
__p__commode
memset
strcmp
memmove

opengl32

wglDeleteContext
wglCreateContext
wglMakeCurrent

gdi32

SetPixelFormat
ChoosePixelFormat

Exports

Exports

Afn
Mxt
Roh
Sxc
Tbp
Uwq
Xmp
Zig

Sections

.text
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

kernel32

msvcrt

opengl32

gdi32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 32KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 30KB - Virtual size: 32KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB