43aad72f952debdfe960d9810ac39ccc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43aad72f952debdfe960d9810ac39ccc_JaffaCakes118
Size

200KB
MD5

43aad72f952debdfe960d9810ac39ccc
SHA1

d18f3a29542770f76e0d7e9fe5e5d08faff1b741
SHA256

8cb63a066cf44dda73260b9c6b336c0e622f6f1c423e1ec74e9983f86930bdfe
SHA512

71dc69838210681d6b2081110962bfbcc643c28d8bde143a79737db2b3dddfd3580d62864e9f271afdd52c3a09a979d205e6f32c715a8f0bbe47201418df3ef6
SSDEEP

6144:s/kGEngoQ13ZVeYxhmzhPYHBnC4BHIaVn:47agf137eqhmSH3BH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43aad72f952debdfe960d9810ac39ccc_JaffaCakes118

Files

43aad72f952debdfe960d9810ac39ccc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

58591cfc1f83e97c8e48ad3ea3c2169d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
CreateFileA
DisableThreadLibraryCalls
ExitProcess
FindFirstFileA
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcessId
GetExitCodeThread
GetFileTime
GetFileType
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStdHandle
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
IsValidCodePage
MultiByteToWideChar
RtlUnwind
SetErrorMode
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsSetValue
VirtualFree
WideCharToMultiByte
lstrcatA

user32

SystemParametersInfoA
SetForegroundWindow
SetWindowPos
ReleaseDC
ReleaseCapture
PostMessageA
LoadCursorA
IsZoomed
GetWindowTextA
GetDlgItem
CreatePopupMenu
DrawIconEx
EnumChildWindows
CheckMenuRadioItem
RegisterClassExA

advapi32

PrivilegedServiceAuditAlarmW
StartTraceA
RegisterServiceCtrlHandlerExA
RegCreateKeyExW
RegCreateKeyA
AreAnyAccessesGranted
MakeSelfRelativeSD
GetSecurityDescriptorDacl
CryptReleaseContext
EncryptFileA

ole32

CreateAntiMoniker
StringFromGUID2
IsEqualGUID
CoTaskMemFree
CoGetMalloc
CoFileTimeNow
CoCreateInstance
CoCreateGuid
CoBuildVersion
CLSIDFromString

opengl32

glClearIndex
wglGetCurrentDC
wglChoosePixelFormat
glVertex4i
glTexCoord4sv
glTexCoord1dv
glStencilOp
glReadPixels
glPixelTransferf
glLightf
glIndexMask
glDeleteTextures
glDeleteLists
glColorMask
glClear

ddraw

DirectDrawCreateEx

Exports

Exports

BAOCloseHandle
D3D9ResourceGetMappedPitch
EnumDeviceReset
EnumMCCustomCapRelease
EnumRelCamSettingDataReset
GetFileInItemCount
SetAllParamValueToAtCapture

Sections

.text
Size: 134KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58591cfc1f83e97c8e48ad3ea3c2169d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

opengl32

ddraw

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 212KB

.data Size: 60KB - Virtual size: 64KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 212KB

.data
Size: 60KB - Virtual size: 64KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB