5e9998e9d32940a8d59a97d54c15c7bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e9998e9d32940a8d59a97d54c15c7bc_JaffaCakes118
Size

45KB
MD5

5e9998e9d32940a8d59a97d54c15c7bc
SHA1

f712eec0b5bead43313da709d8db8612cfb0fc1b
SHA256

c38c8d99269c6ada9d5bb5ed090f61dcc8c90fbfb873804f2b86fb0f0c047115
SHA512

ac66616dcf613177d06758ef2f26834f313745c8b40647c84ca8cd01ccbf10a52218944e4e28195f2c48ca27b62721cbbf7769f8850c5877c9ce3c322f52756f
SSDEEP

768:U+745N1osMVujCFyFt/Z7YAPiJr1xHtSDD4qjllNBq3WrA1ImAemuKUgKVVaKS8L:X7453oFVu2yF/zPitsDDbrVr0ImHCmVP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e9998e9d32940a8d59a97d54c15c7bc_JaffaCakes118

Files

5e9998e9d32940a8d59a97d54c15c7bc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

aa68c0b7f3e701f7c0a3eceb675f6fb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

imm32

ImmGetContext

gdi32

BitBlt

avicap32

capCreateCaptureWindowA

winmm

waveInStop

ole32

CreateStreamOnHGlobal

user32

IsWindow

advapi32

RegCloseKey

ws2_32

listen

shlwapi

StrCmpW

msvcrt

free

shell32

ShellExecuteA

psapi

GetModuleFileNameExA

Exports

Exports

thjmnbcxzz
DoService
ServiceMain

Sections

.rtgy
Size: 26KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tyhuj
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uiok
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uijko
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rtfgy
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erdfcv
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsedrf
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa68c0b7f3e701f7c0a3eceb675f6fb6

Headers

File Characteristics

Imports

kernel32

imm32

gdi32

avicap32

winmm

ole32

user32

advapi32

ws2_32

shlwapi

msvcrt

shell32

psapi

Exports

Exports

Sections

.rtgy Size: 26KB - Virtual size: 66KB

.tyhuj Size: 1024B - Virtual size: 7KB

.uiok Size: 1024B - Virtual size: 1KB

uijko Size: - Virtual size: 4KB

.rtfgy Size: 3KB - Virtual size: 3KB

.rsrc Size: - Virtual size: 4KB

.erdfcv Size: 2KB - Virtual size: 3KB

.wsedrf Size: 2KB - Virtual size: 4KB

.rtgy
Size: 26KB - Virtual size: 66KB

.tyhuj
Size: 1024B - Virtual size: 7KB

.uiok
Size: 1024B - Virtual size: 1KB

uijko
Size: - Virtual size: 4KB

.rtfgy
Size: 3KB - Virtual size: 3KB

.rsrc
Size: - Virtual size: 4KB

.erdfcv
Size: 2KB - Virtual size: 3KB

.wsedrf
Size: 2KB - Virtual size: 4KB