GetObjectData
Static task
static1
Behavioral task
behavioral1
Sample
237cb5aaff37f97d287937eb14450090_JaffaCakes118.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
237cb5aaff37f97d287937eb14450090_JaffaCakes118.dll
Resource
win10v2004-20240611-en
General
Target: 237cb5aaff37f97d287937eb14450090_JaffaCakes118
Size: 212KB
MD5: 237cb5aaff37f97d287937eb14450090
SHA1: 693ea4eb3e7ade7f2a642543b4f04f26a4bed786
SHA256: 59d9af2679fb6025085edbd150698867d4a9c2715c8f113f8ce471b142e1e82f
SHA512: f30dceeac66411eaf497fa5523bcfb6c614436a184a1743446c7be8835f5cd97e3a1217d9849d1fcbb306801d4932a97447bde39167c1c777c24458b47b8c488
SSDEEP: 3072:2zHKu1cOPya7AtrcBYs80XTF01AkqXQOcoG8KfSUtyiZzF5s3+pdBfPb9nl:oRiOPyaK87Fj61FKTU4WzbsOjBf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 237cb5aaff37f97d287937eb14450090_JaffaCakes118
Files
237cb5aaff37f97d287937eb14450090_JaffaCakes118.dll windows:4 windows x86 arch:x86
618d37116326525e7f1c24ee8f03af65
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
CreateEventA
DeleteCriticalSection
ExitProcess
FormatMessageA
GetCommandLineA
GetEnvironmentStringsA
GetExitCodeThread
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetTimeZoneInformation
GetVersionExA
HeapAlloc
HeapCreate
InitializeCriticalSection
InterlockedDecrement
LeaveCriticalSection
LocalFree
MultiByteToWideChar
OutputDebugStringA
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetLastError
TlsSetValue
UnhandledExceptionFilter
WaitForMultipleObjects
WriteConsoleW
WriteFile
lstrcpynA
lstrlenW
user32
TranslateAcceleratorA
SetWindowLongA
SetFocus
SetClipboardData
ReleaseCapture
PtInRect
LoadIconA
IsIconic
InsertMenuA
InflateRect
GetWindowPlacement
GetScrollInfo
GetClientRect
DefMDIChildProcA
CreateDialogParamA
ClientToScreen
CheckMenuRadioItem
CheckMenuItem
AppendMenuA
CreateMenu
advapi32
RegisterServiceCtrlHandlerW
ConvertSecurityDescriptorToAccessNamedA
LogonUserA
LsaAddPrivilegesToAccount
LsaDeleteTrustedDomain
LsaFreeMemory
LsaLookupPrivilegeDisplayName
LsaSetInformationTrustedDomain
ObjectPrivilegeAuditAlarmW
SetFileSecurityA
GetTrusteeTypeA
ReadEncryptedFileRaw
OpenEncryptedFileRawA
ddraw
DDInternalUnlock
DirectDrawCreate
DirectDrawCreateEx
GetDDSurfaceLocal
ole32
CoCreateInstance
CoTaskMemAlloc
IsEqualGUID
Exports
Sections
.text Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ