455cbd925ab3487720eb6f5ff9b1ffdb_JaffaCakes118

General

Target

455cbd925ab3487720eb6f5ff9b1ffdb_JaffaCakes118
Size

89KB
MD5

455cbd925ab3487720eb6f5ff9b1ffdb
SHA1

198df5a489d2cb8b1ce17d8722836ec26b1b8cc1
SHA256

a3cd09616de6053da636542ac4297c3f665f16c11fa25a323f823c5357323c62
SHA512

b8644a5b77ac5fd3a043b9c128564d72381408b396e76daf198c3491c93aafd9375e8492985ff85cdf68748160cb726290edf74b4fbfafbdca519bb9f972d99f
SSDEEP

1536:HDhlYRHMsBYALC88clcAW0JAhSfwBeccuMfebBLnd1LUNQgxCtoCwhUv2CcHO0Lu:Hr+s3hjApdSeccVfm1ANQgxFRhMwup

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
455cbd925ab3487720eb6f5ff9b1ffdb_JaffaCakes118

Files

455cbd925ab3487720eb6f5ff9b1ffdb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e613fc6cd682f715075a2ad1fafe12e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CallNamedPipeA
OpenJobObjectA
IsBadWritePtr
GetSystemDirectoryA
FindResourceExA
OpenEventA
GetModuleHandleA
EraseTape
GetFileAttributesW
OpenFileMappingW
MoveFileW
IsValidCodePage
HeapAlloc

tapi32

MMCAddProvider
lineConfigDialogEditA
lineSetAgentMeasurementPeriod
lineSetTollList
lineMakeCallW
lineGetCountryA
lineGetAppPriority
lineSetupConferenceA
phoneGetButtonInfoW
phoneGetButtonInfo
lineSetupTransfer
lineSetTerminal
phoneConfigDialog
tapiRequestMakeCallW
lineSetupTransferA
lineMakeCall
lineGetAddressCapsW

msvcrt

??1bad_cast@@UAE@XZ
_mbsnbcnt
_adj_fdiv_r
??_7bad_typeid@@6B@
memcpy
__p__fmode
_cgets

winmm

waveOutPrepareHeader
joyGetDevCapsA
midiStreamProperty
mciSendCommandA
waveInGetErrorTextW
midiOutCacheDrumPatches
mmsystemGetVersion
waveInStart
waveOutSetPlaybackRate
midiInStop
mciGetErrorStringW
joyReleaseCapture
midiInMessage
mciSendStringW
PlaySoundW
DrvGetModuleHandle
midiInStart
joyGetDevCapsW

opengl32

glTexGendv
wglDescribePixelFormat
glRects
wglSwapMultipleBuffers
glStencilOp
glDebugEntry
glOrtho
glIndexMask
glTexCoord2iv
glScaled
glTexSubImage2D
glRectiv

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e613fc6cd682f715075a2ad1fafe12e

Headers

File Characteristics

Imports

kernel32

tapi32

msvcrt

winmm

opengl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 20B