f6a0c38b3147e1b923fb92635c251ae0_JaffaCakes118

General

Target

f6a0c38b3147e1b923fb92635c251ae0_JaffaCakes118
Size

178KB
MD5

f6a0c38b3147e1b923fb92635c251ae0
SHA1

f8defbadf7cfb2fb7717a2105e7ebe28b18cbdc8
SHA256

d47f4818605bff54697256ebfc86ab8babaaa8de4677ee106b369ae8b8e919be
SHA512

48ad873f6ad00a5ea80a91c3ff0af513e6f36e5e296d81abffa83e9858f511705ffba1d50db9dfd6091c184f15f0d560b57fd33b0a3d97437c5157381fbeb1b0
SSDEEP

3072:7mHzEawZCRgRN8kVzC9BbvYtmWhw4MPCrxQgbbr3Em7cXIi5g2:6TECgXVze7YtgPqz3tcY1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6a0c38b3147e1b923fb92635c251ae0_JaffaCakes118

Files

f6a0c38b3147e1b923fb92635c251ae0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

896616cdaefc3e15c486adccc3a03d19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
ExpandEnvironmentStringsA
GetACP
GetCommandLineA
GetCommandLineW
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
MulDiv
MultiByteToWideChar
OutputDebugStringA
ReadProcessMemory
RtlUnwind
SetEndOfFile
SetLastError
SetUnhandledExceptionFilter
Sleep

user32

KillTimer
PtInRect
CheckMenuRadioItem

winmm

joyGetDevCapsW
sndPlaySoundA
timeGetTime

ole32

CreateAntiMoniker
CoFileTimeNow
CoCreateInstance
CoCreateGuid
CoBuildVersion

advapi32

StartServiceW
StartServiceCtrlDispatcherA
AdjustTokenPrivileges
CommandLineFromMsiDescriptor
CryptEnumProvidersW
CryptSetKeyParam
CryptSignHashW
ElfOpenEventLogA
ElfRegisterEventSourceA
GetServiceKeyNameW
IsWellKnownSid
RegisterTraceGuidsA
SetSecurityInfoExW

shlwapi

StrStrW

oleaut32

VarBstrCat
SysStringLen
SafeArrayCreate
SafeArrayAllocData
SafeArrayAccessData
OleTranslateColor
OleIconToCursor
GetErrorInfo

Exports

Exports

AudioGUIConfigureItem
GraphicsGLRegisterBuffer
ReadDevParamFromRAW

Sections

.text
Size: 109KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

896616cdaefc3e15c486adccc3a03d19

Headers

File Characteristics

Imports

kernel32

user32

winmm

ole32

advapi32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 204KB

.data Size: 66KB - Virtual size: 68KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 109KB - Virtual size: 204KB

.data
Size: 66KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB