3456b194b10dfeb7b6fe33a406f44b0d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3456b194b10dfeb7b6fe33a406f44b0d_JaffaCakes118
Size

145KB
MD5

3456b194b10dfeb7b6fe33a406f44b0d
SHA1

5b1edd72b793d655d195919bf002157d91bc606c
SHA256

e2585842ca20b30d83ca203698d04b08332c2e3c561ed1a653d1905e53d73589
SHA512

88072228e3de0c3056fc65bad6e338d7f6f5b7bb488789abd0e2a542b4e7a64f77bf491952303c50f1d354f1e3648d1b45ffba14066fb0b476838a2a33f7b0db
SSDEEP

3072:AHIIEzEvCj0sN120HbJ0q2eImQwxxJ4+wl3HX3K7o8ccefC:pesLHNEmQwx4+wl67rMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3456b194b10dfeb7b6fe33a406f44b0d_JaffaCakes118

Files

3456b194b10dfeb7b6fe33a406f44b0d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

50badd20da25ded88e454df70a553a5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

SystemParametersInfoA

gdi32

SelectObject

advapi32

LsaOpenPolicy

shell32

SHGetFileInfoA

shlwapi

SHDeleteKeyA

msvcrt

_strnicmp

winmm

waveInReset

ws2_32

WSACleanup

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

imm32

ImmReleaseContext

wininet

InternetCloseHandle

msvfw32

ICSeqCompressFrame

psapi

EnumProcessModules

wtsapi32

WTSFreeMemory

Exports

Exports

ServiceMain
aaaaaaaaaaaa
bbbbbbbbbbbb
cccccccccccc
zzzzzzzzzzzzz

Sections

.text
Size: - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

choujin0
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

choujin1
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

choujin2
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50badd20da25ded88e454df70a553a5f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

msvcrt

winmm

ws2_32

msvcp60

imm32

wininet

msvfw32

psapi

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 98KB

.rsrc Size: 1KB - Virtual size: 1KB

choujin0 Size: - Virtual size: 4KB

choujin1 Size: - Virtual size: 56KB

choujin2 Size: 142KB - Virtual size: 141KB

.reloc Size: 512B - Virtual size: 112B

.text
Size: - Virtual size: 98KB

.rsrc
Size: 1KB - Virtual size: 1KB

choujin0
Size: - Virtual size: 4KB

choujin1
Size: - Virtual size: 56KB

choujin2
Size: 142KB - Virtual size: 141KB

.reloc
Size: 512B - Virtual size: 112B