f72863666a91ef87fcf796505c9e8202_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f72863666a91ef87fcf796505c9e8202_JaffaCakes118
Size

188KB
MD5

f72863666a91ef87fcf796505c9e8202
SHA1

78d74305849f7bcc05a0290d5ab06fc709444a0f
SHA256

354d33b7653f23be03279f3614ebbbf9268838f795673d152130deeea3315b37
SHA512

241e72e9740b86fea3ecad4f8b7d3d1c347c4ee8f9f62d1ae1464d751bd22f63cd1703a1013ce6da66f16b3511d29edd1d52572cfce7e102868e2eb30654dbaf
SSDEEP

3072:GA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoBo:GzIqATVfQeV2FZalKq6jtGJWuTmd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f72863666a91ef87fcf796505c9e8202_JaffaCakes118

Files

f72863666a91ef87fcf796505c9e8202_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e14682cd580b5bc2ebf0ee1ec113cb1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupLogErrorW

esent

JetEndSession

msvcrt

iswlower
memset

user32

ImpersonateDdeClientWindow
ShowOwnedPopups

winmm

waveOutGetNumDevs

gdi32

StretchBlt

mprapi

MprAdminGetErrorString

rpcrt4

RpcBindingSetAuthInfoExW

wintrust

CryptSIPCreateIndirectData

rasapi32

RasDeleteEntryW

oleaut32

VarUdateFromDate
BSTR_UserFree

kernel32

GetModuleHandleA
GetModuleFileNameW
WriteFile
GetTempPathA
GetModuleHandleW
EndUpdateResourceA
VirtualProtect
TransactNamedPipe
DebugBreak
SetDefaultCommConfigA

shlwapi

StrCmpNW
ChrCmpIA

advapi32

RegLoadAppKeyA
FreeSid
CreateServiceW

Exports

Exports

LosskiwFpponf

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e14682cd580b5bc2ebf0ee1ec113cb1f

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

esent

msvcrt

user32

winmm

gdi32

mprapi

rpcrt4

wintrust

rasapi32

oleaut32

kernel32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB