6ae92d41fe387b666a5b319ebceaf07a_JaffaCakes118

General

Target

6ae92d41fe387b666a5b319ebceaf07a_JaffaCakes118
Size

18KB
MD5

6ae92d41fe387b666a5b319ebceaf07a
SHA1

ae15d13b933c697b631dd68d8a93c6b7824a029b
SHA256

5b1e9f7a0bee485cf76cd21050a68ce3d2f49e4cc619e533f7fb6747f7c051f3
SHA512

f3b7aff6c14db501452e764baed98f9efd8e28f3ef1e4acf9f05bb3ab39d0bbdc6a78161a808c6b7b8270f5a6c4d9800d2edc61c55bbdc3717bc46ac7cf016f5
SSDEEP

384:j6ZM/g1bpGnINjDwiSBa9KeIdLzuW7VF2y:eWo1gItc7IVIxNVF2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ae92d41fe387b666a5b319ebceaf07a_JaffaCakes118

Files

6ae92d41fe387b666a5b319ebceaf07a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2c1f016dab54701d805f221240a9af2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RemoveDirectoryW
GetPrivateProfileStringA
BeginUpdateResourceA
SleepEx
CallNamedPipeA
GetFileSize
IsBadReadPtr
GetCurrentProcess
CreateDirectoryA
DosPathToSessionPathA
GetVersion
GetEnvironmentVariableA
CreateMutexW
GetTempPathA
GetLastError
EraseTape
UnlockFile
RegisterWaitForInputIdle
AddAtomA

msvcrt

_splitpath
?set_terminate@@YAP6AXXZP6AXXZ@Z
_wcsicmp
memcpy
putwc
_ismbckata
_CIsqrt
iswctype
fabs

winmm

midiOutShortMsg
midiOutGetErrorTextW
waveInStop
waveOutMessage
waveOutBreakLoop
midiInClose

opengl32

glSelectBuffer
glTexCoord1s
glVertex3s
glPixelMapfv
glMapGrid2f
glGetLightiv
wglGetLayerPaletteEntries
glEvalCoord1fv
glBitmap
glPolygonMode

Exports

Exports

DkLvjbefl
GgyBlrsAcs
GjuHfdtWtxysi
LoNpsoljy
BlRcfx

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c1f016dab54701d805f221240a9af2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

opengl32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 38B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 38B