0fc9492bceaea757a3bb4d84b32ab4e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fc9492bceaea757a3bb4d84b32ab4e3_JaffaCakes118
Size

61KB
MD5

0fc9492bceaea757a3bb4d84b32ab4e3
SHA1

89a43ccca167a6c3ce66473f6f5246c01ff6f2e9
SHA256

d8a2db931e973a6d0596f051bb3a51adfe62dd1f3d119d7e8d792e894e22c956
SHA512

40feed947530238970f853bb6dac4e2214d9513193ab99b6995ba542d4f0eaaa81f4905a4fcb447559478b836e4aef909038f3feb0122e8ff02dee6cb49f07a1
SSDEEP

768:0xfjpt/XNIMc5esoHh7Bzywf8PsWcO6KHHNYTFNbRn7JsxwRq/70iI3Qm:ofzfNQKhFzyotWlYTFRZ9s/tI3x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fc9492bceaea757a3bb4d84b32ab4e3_JaffaCakes118

Files

0fc9492bceaea757a3bb4d84b32ab4e3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a6632ad87cfeb5209be57afcda593ca7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dinput

DirectInputCreateEx
DirectInputCreateW
DirectInputCreateA

kernel32

ReadFile
lstrcpynA
WriteFile
UnmapViewOfFile
CloseHandle
ExitProcess
FreeResource
GetModuleHandleA
LeaveCriticalSection
LoadResource
OpenFile
SleepEx

ole32

OleInitialize
CreateStreamOnHGlobal
CreateFileMoniker
RegisterDragDrop
OleUninitialize
CreateDataAdviseHolder
CoFileTimeNow
CoGetClassObject
CoUninitialize
CoInitialize
CoRevokeClassObject
CoCreateInstance

dsound

DirectSoundCaptureEnumerateW
DirectSoundCaptureEnumerateA
DirectSoundCaptureCreate8
DirectSoundEnumerateW

user32

OemToCharW
MessageBoxIndirectA
LoadMenuA
CreateIcon
LoadIconA
IsCharLowerA
CopyRect
GetDlgItem
GetCursor
DispatchMessageA
DestroyCaret
DefDlgProcA
CreateIconFromResource
OffsetRect
CharUpperA
CharToOemBuffA
CharLowerA
BeginPaint
GetFocus
CharNextA

shell32

SHFileOperationA
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHBindToParent

msvfw32

DrawDibStop
DrawDibEnd
ICCompressorChoose
MCIWndCreateA
DrawDibDraw

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6632ad87cfeb5209be57afcda593ca7

Headers

File Characteristics

Imports

dinput

kernel32

ole32

dsound

user32

shell32

msvfw32

Sections

.text Size: 27KB - Virtual size: 28KB

.rdata Size: 15KB - Virtual size: 16KB

.data Size: 7KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 27KB - Virtual size: 28KB

.rdata
Size: 15KB - Virtual size: 16KB

.data
Size: 7KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB