0e7d11a86c4cce656ac02c5f86d071f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e7d11a86c4cce656ac02c5f86d071f9_JaffaCakes118
Size

129KB
MD5

0e7d11a86c4cce656ac02c5f86d071f9
SHA1

84c31655ea978cbabdd68d47d2c9bd293f13eee2
SHA256

2af939b4eff52b052140be9fb7e534a1f54ee2fd046be6af4f22972a59ad4ee0
SHA512

774781438a0c680288612067844e528ca8f26802339d8d30810871ae67efad72896b40e68c3814b6421ec065224cd82e8a273d3c04b8297aa9bfc543e0e7d336
SSDEEP

3072:Ai32MC7KRNfjv3fHLHngA/7FjR3UNCTaZ+l1MO4RUvF:AiSOjHgqjRkNpWDqUt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e7d11a86c4cce656ac02c5f86d071f9_JaffaCakes118

Files

0e7d11a86c4cce656ac02c5f86d071f9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c2e3240f79f4f592ccdad81e507d2ba4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

UnrealizeObject

wsock32

WSACleanup

ws2_32

inet_ntoa

Exports

Exports

WSPStartup

Sections

>
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

'
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

'
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*
Size: - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

;
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

!
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

,
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

:
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2e3240f79f4f592ccdad81e507d2ba4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

wsock32

ws2_32

Exports

Exports

Sections

> Size: - Virtual size: 132KB

' Size: - Virtual size: 11KB

' Size: - Virtual size: 3KB

1 Size: - Virtual size: 3KB

* Size: - Virtual size: 68B

; Size: - Virtual size: 11KB

! Size: 1024B - Virtual size: 5KB

/ Size: - Virtual size: 21KB

, Size: 127KB - Virtual size: 126KB

: Size: 512B - Virtual size: 172B

>
Size: - Virtual size: 132KB

'
Size: - Virtual size: 11KB

'
Size: - Virtual size: 3KB

1
Size: - Virtual size: 3KB

*
Size: - Virtual size: 68B

;
Size: - Virtual size: 11KB

!
Size: 1024B - Virtual size: 5KB

/
Size: - Virtual size: 21KB

,
Size: 127KB - Virtual size: 126KB

:
Size: 512B - Virtual size: 172B