652326988cb0490c1ba3deb446bfb8bb_JaffaCakes118

General

Target

652326988cb0490c1ba3deb446bfb8bb_JaffaCakes118
Size

40KB
MD5

652326988cb0490c1ba3deb446bfb8bb
SHA1

b7525ad8e5c4364d87e26d2a91b95bb9a01c4480
SHA256

4c9ea575cbb1328bc82cd2993ff82a7e3485adf6c35e86695e33f8e73c2fefd2
SHA512

d4f4daeed58df54c5ef276d7e9363e07fb6e4a4b34679701488fb0715b80dc64eadac67540b11f4a255a8607bf1f6a57c3fd09a8986ca25a5f50cedbd6bedc76
SSDEEP

768:pO8S+nRfIPfH7FtD/V1ktAO9NgIVLkV4DCPbEeCKF4BkkfIfstrstEO:pS+Rofbl1OA4cVQCPIlS+VIERsiO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
652326988cb0490c1ba3deb446bfb8bb_JaffaCakes118

Files

652326988cb0490c1ba3deb446bfb8bb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5d1d475a9493814242acd658d9d08f44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
CallNamedPipeA
IsValidCodePage
GetEnvironmentStrings
GetCurrentProcess
EraseTape
CreateMailslotA
FindResourceA
SetEnvironmentVariableA
GetEnvironmentVariableA
SetFilePointer
GetComputerNameA
SetCurrentDirectoryA
FlushViewOfFile
GetTempPathA
GetLastError
CreateDirectoryA
GetFileSize
MapViewOfFileEx

msvcrt

wprintf
_beginthread
iswlower
__p__mbctype
_mbsnbcmp
_ecvt
_amsg_exit
_toupper
_mbsncat
__wgetmainargs
_gcvt
_lfind
memcpy

winmm

midiStreamPosition
waveOutBreakLoop
waveOutWrite
midiOutGetNumDevs
timeSetEvent
mciGetErrorStringA
midiInStop
mciGetYieldProc
mmsystemGetVersion
midiOutGetVolume
timeGetSystemTime
midiStreamOpen
mixerGetLineInfoW
midiOutGetErrorTextW
mmioRenameW
DefDriverProc

opengl32

glTranslated
glGetPolygonStipple
glScaled
glColor3fv
glDrawElements
wglSwapBuffers
glPushMatrix
glTexCoord2i
glFeedbackBuffer
glVertex2sv
glGetIntegerv

Exports

Exports

UoxxygtIcsm
NgtKefzw
FkxMsubzYkqa
YmcHdccuxeWng
CbvyjntBlldoopAhlvo

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d1d475a9493814242acd658d9d08f44

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

opengl32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 34B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 34B