4db3142e8a083365d73ce6e4439b385b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4db3142e8a083365d73ce6e4439b385b_JaffaCakes118
Size

220KB
MD5

4db3142e8a083365d73ce6e4439b385b
SHA1

8d8a54a2570f846a5f3c5942c9c4694cbd8f3f49
SHA256

8263ea52268c6cfa4ddebcffd513a458e9c477e8c72c770b4e73daadc6b969f9
SHA512

da24bec8978edde26a68447829c58511399f7029e64b14e78e7fb3fa7dec4f2aef795c11e92af6ea8fbb9349c8d114b0d9f976d6c20fe528419a92f533435370
SSDEEP

3072:q8IRv0u3k8QRiZzOY8dzXbWwE8kVjwRTZyrR8PJ4HQtsEjPJmiqhoIPm0PueydoX:OckBYhaRsRtK8hOQRj3dI7ueGOmL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4db3142e8a083365d73ce6e4439b385b_JaffaCakes118

Files

4db3142e8a083365d73ce6e4439b385b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e84979b4771a6758dd1fe8020ee29298

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CompareStringA
CompareStringW
DeleteCriticalSection
ExitProcess
FindFirstFileA
GetCommandLineA
GetConsoleCP
GetDriveTypeA
GetLastError
GetModuleHandleA
GetPriorityClass
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetUserDefaultLCID
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedIncrement
IsDebuggerPresent
LocalFree
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEnvironmentVariableA
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
TerminateThread
lstrcpynA

user32

SetWindowPos
SetUserObjectSecurity
SetForegroundWindow
SetCapture
RegisterClassExA
OpenClipboard
MsgWaitForMultipleObjects
InvalidateRect
GetSysColorBrush
GetSubMenu
ExitWindowsEx
EmptyClipboard
wsprintfA
InvalidateRgn

advapi32

CloseEncryptedFileRaw
SetSecurityDescriptorRMControl
LsaSetSecurityObject
ImpersonateAnonymousToken
GetTrusteeNameA
LsaSetInformationTrustedDomain
GetAuditedPermissionsFromAclA
ElfReadEventLogA
CryptSetProviderExW
CryptEnumProvidersA
CreateServiceW
CreateServiceA
LsaLookupSids
ConvertToAutoInheritPrivateObjectSecurity

ddraw

DDInternalLock
DSoundHelp
DirectDrawCreateClipper
DirectDrawCreateEx
DirectDrawEnumerateA
DirectDrawEnumerateExA
DirectDrawEnumerateExW
GetDDSurfaceLocal
GetSurfaceFromDC
DirectDrawCreate

ole32

CoCreateInstance
CoRevertToSelf
CreateAntiMoniker
IsEqualGUID

Exports

Exports

GetCDInfo

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e84979b4771a6758dd1fe8020ee29298

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ddraw

ole32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 92KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 92KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB