083ab44ef46f7bba1edaec7d0180376b_JaffaCakes118

General

Target

083ab44ef46f7bba1edaec7d0180376b_JaffaCakes118
Size

250KB
MD5

083ab44ef46f7bba1edaec7d0180376b
SHA1

9b54c513a096ee5e1fd7687c647ca60fdc208893
SHA256

d630e085386d008107e04cc4409ce9781f7b826c69ecf1d9530d8637b7e64a7d
SHA512

4497a10168dc58c19e10781628e22007def6afa830fffea2d42ce55506b59da4d22e818839075cdb91c7bde6fa04547a5e49ee749ccb94bc26c8ecfb17a01b41
SSDEEP

6144:Js++co8Kbc+dHYQZ+7x+uT6E3aJ4bHEmEwdKfaJzNG2kmuRYNU8jlm:ycSg+5Z+EEZkRg2a78mumG8xm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
083ab44ef46f7bba1edaec7d0180376b_JaffaCakes118

Files

083ab44ef46f7bba1edaec7d0180376b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

35db7c82ba8209ef562b75a432342f0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
DeleteCriticalSection
ExitProcess
ExitThread
FlushFileBuffers
GetCommandLineA
GetConsoleOutputCP
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
GetProcessAffinityMask
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
RtlUnwind
SetThreadAffinityMask
SetUnhandledExceptionFilter
VirtualAlloc
VirtualProtect
lstrcatA
lstrcpyA

msvcrt

wcschr
atoi
atol
fopen
fseek
fwrite
strcat
strcmp
strcpy
strlen
wscanf
wcscpy
strncat
swprintf
strstr

user32

CheckMenuItem
ClientToScreen
DefDlgProcA
UpdateWindow
GetWindowTextA
GetKeyState
GetDC
DrawTextA
DeleteMenu

comctl32

ShowHideMenuCtl
CreateStatusWindowA
InitCommonControls

oleaut32

VarUI1FromDate
VarCyFromStr
VarI1FromR8
OleCreatePictureIndirect
SafeArrayGetVartype
SysAllocString
VarR4FromBool
VarI2FromStr

ddraw

DSoundHelp
DirectDrawCreate
DirectDrawCreateClipper
DDInternalLock
DirectDrawCreateEx

Exports

Exports

Hcbvzqndvp
Rjiggipmylkun
Vdp

Sections

.text
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35db7c82ba8209ef562b75a432342f0b

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

comctl32

oleaut32

ddraw

Exports

Exports

Sections

.text Size: 95KB - Virtual size: 96KB

.rdata Size: 78KB - Virtual size: 80KB

.data Size: 48KB - Virtual size: 132KB

.rsrc Size: 27KB - Virtual size: 28KB

.text
Size: 95KB - Virtual size: 96KB

.rdata
Size: 78KB - Virtual size: 80KB

.data
Size: 48KB - Virtual size: 132KB

.rsrc
Size: 27KB - Virtual size: 28KB