2e4f7fdfa945239925b4bcb0f5416a0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e4f7fdfa945239925b4bcb0f5416a0e_JaffaCakes118
Size

44KB
MD5

2e4f7fdfa945239925b4bcb0f5416a0e
SHA1

9254a42d8364f644ff4bf3695a2db17cda1587da
SHA256

a23edeba88039cc3592c22b345c89efcd6a5a9049a6f70f0ba69a5e2e1057338
SHA512

a33b3dae9798da71450fef2c5c9ec97854cfc2c5ddeb4bd399ceb9bac663b49545a64ab05b139a700a2285b7ff08d98c79b1aff0706864be36d4398e9f019882
SSDEEP

768:Xb9ojTHlF9/+cfvaooY69qbOnrt1ApoFInLcCYtX0lR6J83R26D:RojL9GiSooY64Onrt1KZnLcNErUi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e4f7fdfa945239925b4bcb0f5416a0e_JaffaCakes118

Files

2e4f7fdfa945239925b4bcb0f5416a0e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d0944b1301c2b1de4c2f65ab2cd00605

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

shell32

ShellExecuteA

gdi32

BitBlt

winmm

waveInStop

user32

SetTimer

ole32

CreateStreamOnHGlobal

advapi32

RegCloseKey

ws2_32

listen

shlwapi

StrCmpW

psapi

GetModuleFileNameExA

avicap32

capCreateCaptureWindowA

imm32

ImmGetContext

msvcrt

free

Exports

Exports

ServiceMain
DoService
DoMainWork

Sections

.erdf
Size: 24KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rtfgy
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgyh
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edrft
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rtyhgj
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ujikol
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocyok
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d0944b1301c2b1de4c2f65ab2cd00605

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

winmm

user32

ole32

advapi32

ws2_32

shlwapi

psapi

avicap32

imm32

msvcrt

Exports

Exports

Sections

.erdf Size: 24KB - Virtual size: 66KB

.rtfgy Size: 1024B - Virtual size: 7KB

.tgyh Size: 1024B - Virtual size: 2KB

edrft Size: - Virtual size: 4KB

rtyhgj Size: 3KB - Virtual size: 3KB

.rsrc Size: - Virtual size: 4KB

.ujikol Size: 2KB - Virtual size: 3KB

.guocyok Size: 3KB - Virtual size: 4KB

.erdf
Size: 24KB - Virtual size: 66KB

.rtfgy
Size: 1024B - Virtual size: 7KB

.tgyh
Size: 1024B - Virtual size: 2KB

edrft
Size: - Virtual size: 4KB

rtyhgj
Size: 3KB - Virtual size: 3KB

.rsrc
Size: - Virtual size: 4KB

.ujikol
Size: 2KB - Virtual size: 3KB

.guocyok
Size: 3KB - Virtual size: 4KB