44d97943f7786b9f4f3c855d9fcc044a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44d97943f7786b9f4f3c855d9fcc044a_JaffaCakes118
Size

4.8MB
MD5

44d97943f7786b9f4f3c855d9fcc044a
SHA1

60224d09aa882110e44fcfb585f944bf57d0b0b3
SHA256

2b5d605f44146d80e12476b0dd64a00ef2664895b1162401f2ab529c4820be92
SHA512

ee3d0fa870a86496ca6d043ba4f97df2f17bb367f4c6f2f81c4a3652aa579084fe8d96a1c63a785d0cd7b1fa4a512412a03bfb0f504cf10667cda4b89ea88ca8
SSDEEP

98304:yft/qAX2gyCQUqWiuBf4cLJnoPNXigrtooN3Bxqhx+akPoBD/WqIUR:yl/dmhCri2LJoPJiglakPCCqJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44d97943f7786b9f4f3c855d9fcc044a_JaffaCakes118

Files

44d97943f7786b9f4f3c855d9fcc044a_JaffaCakes118
.dll windows:6 windows x86 arch:x86

cd0ffe1750b15d3290e25cdde64b3188

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

recv

crypt32

CertFreeCertificateChain

wldap32

ord217

normaliz

IdnToAscii

advapi32

CryptHashData

user32

RegisterClassExA
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

oleaut32

SysAllocString

shell32

ShellExecuteA

d3dcompiler_47

D3DCompile

shlwapi

PathFindExtensionA

kernel32

GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

imm32

ImmSetCompositionWindow

xinput1_4

ord4

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idev0
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idev1
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd0ffe1750b15d3290e25cdde64b3188

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

crypt32

wldap32

normaliz

advapi32

user32

oleaut32

shell32

d3dcompiler_47

shlwapi

kernel32

imm32

xinput1_4

wtsapi32

Sections

.text Size: - Virtual size: 1.2MB

.rdata Size: - Virtual size: 237KB

.data Size: - Virtual size: 28KB

.detourc Size: - Virtual size: 4KB

.detourd Size: - Virtual size: 12B

.idev0 Size: - Virtual size: 2.6MB

.idev1 Size: 4.8MB - Virtual size: 4.8MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 422B

.text
Size: - Virtual size: 1.2MB

.rdata
Size: - Virtual size: 237KB

.data
Size: - Virtual size: 28KB

.detourc
Size: - Virtual size: 4KB

.detourd
Size: - Virtual size: 12B

.idev0
Size: - Virtual size: 2.6MB

.idev1
Size: 4.8MB - Virtual size: 4.8MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 422B