215d190b6ee7df3558f6a3651f4f41e7_JaffaCakes118

General

Target

215d190b6ee7df3558f6a3651f4f41e7_JaffaCakes118
Size

120KB
MD5

215d190b6ee7df3558f6a3651f4f41e7
SHA1

0d9dfe7d30aca79c7621e5e7e419e0f8f16a72b9
SHA256

06838498bc58f84165bfd6e6d691ea5c151b03ab73d363491d82684048f44d00
SHA512

62ae833108d263c9bdfcd4a3d2eb59f9d6ddcec0fdd8d4f365086238ffda5573c138c4cd19975bdb2f428b33afd050d9fe1649454d065326fcd889543fa4166b
SSDEEP

1536:rAkCZU87F+Z950Wp8/ywO6NsgzwaRf0puD2+ny9fHFWEZlcW94e4p+FtJT7xDEG:MkacEWp8O6NrzwPB9t0W9TWmt5B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
215d190b6ee7df3558f6a3651f4f41e7_JaffaCakes118

Files

215d190b6ee7df3558f6a3651f4f41e7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4763a21e6403beb38e8af8c93fcfea74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
LocalFree
GetModuleHandleA
GetCommandLineA
SetLastError
GetProcAddress
ReleaseMutex
CreateProcessA
CopyFileA
GetTickCount
InterlockedIncrement
OpenEventA
CloseHandle
WaitForSingleObject
MapViewOfFile
EnterCriticalSection
CreateDirectoryA
InterlockedDecrement
InterlockedCompareExchange
CreateEventA
ExitProcess
UnmapViewOfFile
LeaveCriticalSection
lstrlenA
lstrlenW
LoadLibraryA
GetModuleFileNameA
Sleep

ole32

OleCreate
CoCreateGuid
OleSetContainedObject
CoInitialize
CoUninitialize
CreateBindCtx

user32

DispatchMessageA
GetParent
SetWindowLongA
KillTimer
GetWindowLongA
PostMessageA
FindWindowA
GetSystemMetrics
DefWindowProcA
GetMessageA
CreateWindowExA
RegisterWindowMessageA
TranslateMessage
GetClassNameA
PostQuitMessage
SetTimer
DestroyWindow
SendMessageA

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString

advapi32

RegSetValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA

Exports

Exports

appAuthenticationMusic

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4763a21e6403beb38e8af8c93fcfea74

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB