0b69cff9c83e5294ba0a5a0d0684dc8d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b69cff9c83e5294ba0a5a0d0684dc8d_JaffaCakes118
Size

65KB
MD5

0b69cff9c83e5294ba0a5a0d0684dc8d
SHA1

024cf99c0360511b92f9c8f10daa3b83773e988a
SHA256

900e67c6dba14b7fbc9b67d18fc1fe9705f0a44cbca43a98c9d454008620750f
SHA512

3fb273a22ba07ae384f0a32795ea74462803966ac8c7cff9d4f719f20331145af5abd9b8e7cefcd8d9b58f14a102eae7d3712ba5df4844ea52011f4f7fc745c3
SSDEEP

768:nfVvcgfxCWLvBlHa4LIushRaDkJ23Gj3TEJdeQaOmb1wkGq6+sQCGVjdrcPK3Qm:fJx5XaPIDu2WzT6eQa9EwCGdOPK3x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b69cff9c83e5294ba0a5a0d0684dc8d_JaffaCakes118

Files

0b69cff9c83e5294ba0a5a0d0684dc8d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7a8bbdf3be06a0d4f48bc45138282198

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvfw32

ICSendMessage
ICSeqCompressFrameEnd
ICGetDisplayFormat
MCIWndCreateW
ICRemove

kernel32

UnmapViewOfFile
lstrlenA
WriteFile
SetUnhandledExceptionFilter
RaiseException
CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
MapViewOfFile

msvbvm60

__vbaAryRebase1Var
__vbaFileCloseAll
__vbaCyAdd
__vbaCheckType
__vbaAryRecMove

advapi32

LsaDeleteTrustedDomain
LsaICLookupSids
RegOpenKeyExA
LsaCreateTrustedDomainEx

wininet

InternetReadFile
InternetConnectA
InternetCanonicalizeUrlA
FindFirstUrlCacheEntryA
FindFirstUrlCacheGroup

user32

IsCharLowerA
CharLowerA

ole32

OleInitialize
WriteFmtUserTypeStg
WriteClassStm
WriteClassStg
CoCreateInstance
CoGetClassObject
CoGetMalloc
CoInitialize
CoUninitialize
CreateDataAdviseHolder
GetConvertStg
OleDuplicateData
OleGetClipboard
StringFromGUID2
OleSaveToStream
OleSetClipboard
OleUninitialize

dsound

DirectSoundFullDuplexCreate
DirectSoundEnumerateW
DirectSoundEnumerateA
DirectSoundCaptureEnumerateA

Sections

.text
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a8bbdf3be06a0d4f48bc45138282198

Headers

File Characteristics

Imports

msvfw32

kernel32

msvbvm60

advapi32

wininet

user32

ole32

dsound

Sections

.text Size: 25KB - Virtual size: 28KB

.rdata Size: 15KB - Virtual size: 16KB

.data Size: 14KB - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 25KB - Virtual size: 28KB

.rdata
Size: 15KB - Virtual size: 16KB

.data
Size: 14KB - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB