388c4a3569a7b3e71e31defc72ada3be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

388c4a3569a7b3e71e31defc72ada3be_JaffaCakes118
Size

39KB
MD5

388c4a3569a7b3e71e31defc72ada3be
SHA1

ff39a2a38024b1206a7ed28d00d2406eb3b6ad10
SHA256

311f5b5d53849ceee03ed7795bc399e7037fbd8949d4779fe9103bf4814442c3
SHA512

ed4909feef82804283fae7a79f10565600ad7140c064fa362c985f61c216eea5c9b69aae94e674873375bea5b2fc539c4d48b70b8f31bc0cc266e49192c75c5a
SSDEEP

768:u8+xZ+434ZnQpQmJM2BykSZmpF0yVUECg9KStwDQRNfueqz7IKFZ85nMTSq:u82c434xQp/qkS4pLzzEuNfue8IwC5nw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388c4a3569a7b3e71e31defc72ada3be_JaffaCakes118

Files

388c4a3569a7b3e71e31defc72ada3be_JaffaCakes118
.dll windows:4 windows x86 arch:x86

37ac40796e3b5922bc9a66020fb8da88

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegCloseKey

psapi

GetModuleFileNameExA

gdi32

GetDIBits

ole32

CreateStreamOnHGlobal

shlwapi

StrRChrA

user32

ExitWindowsEx

ws2_32

listen

imm32

ImmReleaseContext

avicap32

capCreateCaptureWindowA

winmm

waveInUnprepareHeader

shell32

ShellExecuteA

msvcrt

strrchr

Exports

Exports

frtesfwr
222222222222
ServiceMain

Sections

.guoc
Size: 24KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guocy
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gyuio
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE