69bcf20c8f782ac84180d521a16e84b1_JaffaCakes118

General

Target

69bcf20c8f782ac84180d521a16e84b1_JaffaCakes118
Size

128KB
MD5

69bcf20c8f782ac84180d521a16e84b1
SHA1

0e6e4e0cbde9f21681635b608a5f582a7f19fba5
SHA256

0fe2f1ba1759ad634e0c14bf67841e008dc6bf7e111cd36db571d08c1bb597b5
SHA512

045b1f7d671be625066f358c8cd8d7316a958f4a5e1402fb2ec7ec942bfc4bd4b614eb196d55fc5f4e8e1d3bc173a14054fb4861e47c78ae2dd02fea82aca49c
SSDEEP

1536:+lAp0/ZI5NP6rzTTfAiFyBQRSawH1qr+80bFZDsMvczOw5xHoDkA25ZDKMMiU1al:2prIh6pWsr+xZDsI8akp5hKMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69bcf20c8f782ac84180d521a16e84b1_JaffaCakes118

Files

69bcf20c8f782ac84180d521a16e84b1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantClear
VariantCopyInd
SysAllocStringLen
SysFreeString
LoadTypeLib

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceA
CloseServiceHandle
AdjustTokenPrivileges
OpenServiceA

ole32

CoCreateInstance
CoRegisterClassObject
CLSIDFromProgID
CoRegisterMessageFilter
CoResumeClassObjects
CreateOleAdviseHolder
StringFromGUID2
ReadClassStg
OleUninitialize
OleLockRunning
GetConvertStg
CreateStreamOnHGlobal
CLSIDFromString

kernel32

FlushFileBuffers
LoadLibraryA
LoadResource
WriteFile
TlsGetValue
MapViewOfFile
SleepEx
FreeResource

msvcrt

__getmainargs
memchr
free
fflush
exit
__set_app_type
__p__commode
memset
strcmp
memmove

opengl32

wglDeleteContext
wglCreateContext
wglMakeCurrent

gdi32

SetPixelFormat
ChoosePixelFormat

Exports

Exports

Afn
Mxt
Roh
Sxc
Tbp
Uwq
Xmp
Zig

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

kernel32

msvcrt

opengl32

gdi32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 28KB

.rdata Size: 34KB - Virtual size: 36KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 27KB - Virtual size: 28KB

.rdata
Size: 34KB - Virtual size: 36KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB