15d018d939c6d9be02a292c0d7d17c19_JaffaCakes118

General

Target

15d018d939c6d9be02a292c0d7d17c19_JaffaCakes118
Size

380KB
MD5

15d018d939c6d9be02a292c0d7d17c19
SHA1

ffdb88c3a187a7cdb2937ec12310a92070e56f63
SHA256

49eb6fc6d548cfecd57046d2da60a042e7234a409a14a112c38d234b18fd2bf2
SHA512

d7277243f9a655d94cfadef7253105f0a7703d3c0a09473fd28456249274f129754ee42ad2fb8ae3f62a8bae4ae51f650c3e64414338fa7b681fe2ea106dcb0e
SSDEEP

6144:zRiEaCROSpc2lQosJNjUzaaXlkOZ1sMAc0bJXQMraS1iDnCIY76c5gAG1:MEvROSpJ/WNjUqIseWQMeSEY7DgAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d018d939c6d9be02a292c0d7d17c19_JaffaCakes118

Files

15d018d939c6d9be02a292c0d7d17c19_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c5ba93682c8bbaf2a5c23bc2229df413

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
IsBadWritePtr
IsBadReadPtr
GetProcAddress
GetModuleHandleA
CloseHandle
ReadFile
SetFilePointer
CreateFileA
WriteFile
GetLocalTime
ExitProcess
GetLastError
LoadLibraryA
FreeLibrary
lstrcmpiA
GetModuleFileNameA
GetLocaleInfoW
SetEndOfFile
GetOEMCP
GetACP
IsBadCodePtr
SetStdHandle
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapFree
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
TerminateProcess
GetCurrentProcess
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
FlushFileBuffers
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
SetEnvironmentVariableA

user32

GetWindowTextA
FindWindowA
PostMessageA
GetAsyncKeyState

winmm

timeGetTime

opengl32

glPopMatrix
glDisable
glEnable
glBlendFunc
glLineWidth
glBegin
glColor4f
glVertex3fv
glEnd

Exports

Exports

CreateInterface

Sections

.text
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5ba93682c8bbaf2a5c23bc2229df413

Headers

File Characteristics

Imports

kernel32

user32

winmm

opengl32

Exports

Exports

Sections

.text Size: 352KB - Virtual size: 351KB

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 352KB - Virtual size: 351KB

.reloc
Size: 24KB - Virtual size: 20KB