0e3a4d554c220217e11d49c0f9cf3819_JaffaCakes118

General

Target

0e3a4d554c220217e11d49c0f9cf3819_JaffaCakes118
Size

223KB
MD5

0e3a4d554c220217e11d49c0f9cf3819
SHA1

a5ce13f356b7739b3a6bb2ddb57049da218ba2c8
SHA256

b0cf2cf02abd19f4b14552c9b4bef4de415ffed8858aea217e44410d9b9f36ac
SHA512

230ff636b5721315bf866b8b0653cfb12a94cd3c17bf5d89db81e774b891aa4692f7d63e225292c7fd0d28dd8c99e716fb38f3adb6a027ed2b92257e6a26fe82
SSDEEP

6144:ZPYoSiZDtgDbBbmRWhbx+tDb3HoiyklpEaw:ali5ODtmObx+Wiyko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e3a4d554c220217e11d49c0f9cf3819_JaffaCakes118

Files

0e3a4d554c220217e11d49c0f9cf3819_JaffaCakes118
.dll windows:4 windows x86 arch:x86

470b6cb5e206a5fa4e19c7a6baea60ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
ExitProcess
FindClose
GetACP
GetCPInfo
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetStartupInfoA
GetSystemDirectoryA
GetTimeZoneInformation
GlobalAddAtomA
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedDecrement
IsDebuggerPresent
IsValidCodePage
MultiByteToWideChar
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsAlloc
lstrcmpiA
lstrcpyA
lstrlenA

msvcrt

rand
srand
printf
strpbrk
exit
__set_app_type
__p__fmode
__getmainargs
__p__commode
sscanf

user32

IsWindowVisible
SetMenuItemInfoA
GetSubMenu

winmm

joyGetPosEx
joyConfigChanged
joySetCapture

ole32

StringFromGUID2
CoCreateGuid
CoCreateInstance

shlwapi

PathStripPathA
StrStrA
StrStrIA
StrStrW
PathRenameExtensionA

Exports

Exports

CloseCaptureDevice
DowngradeAPL
DrawTextExW_ME
GetEncryptionForAdapter
GetPriority
GetSignalStrengthForAdapter
GetUpdateHTMLDescription
NxCloseCooking
NxCookClothMesh
NxInitCooking
OpenComponentLibraryEx
TTF_ByteSwappedUNICODE

Sections

.text
Size: 134KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

470b6cb5e206a5fa4e19c7a6baea60ea

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

winmm

ole32

shlwapi

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 184KB

.data Size: 87KB - Virtual size: 88KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 184KB

.data
Size: 87KB - Virtual size: 88KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB