4cfaf34f8d3a1329fb942193c11a9667_JaffaCakes118

General

Target

4cfaf34f8d3a1329fb942193c11a9667_JaffaCakes118
Size

176KB
MD5

4cfaf34f8d3a1329fb942193c11a9667
SHA1

56d353db53ba46e9ed126a6ea7782b514616f873
SHA256

140994d22c3bcfcaa561eff63f903a41cf833f6192474c7c26c1f86eed28f45e
SHA512

07367f02e6c76fd203357cf93d408b893f1ff674c61f3e0142bb1be40aa2ff874a59d9d484e14b9f393ec306485823cd42334a240dd88d6a7b525b6eeb2d8ab1
SSDEEP

3072:PUR6K+5C4z0WlNT74YasDEvEVfY1hQqk/bvkPDLK0R1RgKkfhMveTejq:PUR6K+p7vDE8VfY1hUaDLJNnkSj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cfaf34f8d3a1329fb942193c11a9667_JaffaCakes118

Files

4cfaf34f8d3a1329fb942193c11a9667_JaffaCakes118
.dll windows:4 windows x86 arch:x86

46ebba5a558a1ac8bbee7dcd7c73dc10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
FileTimeToSystemTime
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedExchange
IsValidLocale
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
WriteConsoleA
lstrcatA
lstrcmpiA
lstrcpynA
lstrlenA

msvcrt

_exit
strspn
swscanf
__getmainargs
__p__commode
__p__fmode
__set_app_type
exit
time
free

user32

SetWindowTextA
DefFrameProcA
GetWindowDC
SetCursor

winmm

timeEndPeriod
sndPlaySoundA
joySetCapture
waveOutGetNumDevs

ole32

CreateAntiMoniker
CoCreateInstance
StringFromGUID2

shlwapi

PathFindFileNameA
PathStripPathA
StrStrW
PathRenameExtensionA

advapi32

AllocateAndInitializeSid
GetAuditedPermissionsFromAclA
RegQueryValueExW
RegisterEventSourceA
CloseEventLog
DuplicateTokenEx
RegisterServiceCtrlHandlerExA

Exports

Exports

D3D9UnregisterVertexBuffer
UnregisterFatBinary
WaitForDisc

Sections

.text
Size: 107KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46ebba5a558a1ac8bbee7dcd7c73dc10

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

winmm

ole32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 204KB

.data Size: 66KB - Virtual size: 68KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 107KB - Virtual size: 204KB

.data
Size: 66KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB