731c7fd5006df3cc3ab01134ca3f94de_JaffaCakes118

General

Target

731c7fd5006df3cc3ab01134ca3f94de_JaffaCakes118
Size

18KB
MD5

731c7fd5006df3cc3ab01134ca3f94de
SHA1

fd568aa7ec400b46de0410868d86ea66993b2793
SHA256

efaa0bc0adc32682b3ff70985998bed28aea3fea013e0c64fd2473eaf6bea372
SHA512

b9321f5618e7d0c5e7e6e612790ff22aea8d54b430e004d789ecec6f2275c7f74d8ab93b35cdf2b18dee5f3d0d7e6ee00d516019a60e9e6cb5343ac792fea4f8
SSDEEP

384:brMKB+vh5tDPY2yMiqTFtPpweR+keA8iRWZ4HR:sKBWLtRiqLx/5e5iko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
731c7fd5006df3cc3ab01134ca3f94de_JaffaCakes118

Files

731c7fd5006df3cc3ab01134ca3f94de_JaffaCakes118
.dll windows:4 windows x86 arch:x86

331dfe50c4eb0e25d3bdc744c8a09dbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CreateDirectoryA
CallNamedPipeA
GetProfileStringW
FlushViewOfFile
CreateDirectoryExA
VerifyVersionInfoW
GetFileAttributesA
GetTempPathA
GetCommandLineA
DeleteFileA
EraseTape

msvcrt

_execve
_wstrdate
??4bad_cast@@QAEAAV0@ABV0@@Z
__wargv
_wpopen
_findfirst
_adj_fdiv_m16i
_fmode
_lock
_write
_inpw
memcpy
_sys_errlist
_atoi64

winmm

mciGetDeviceIDW
midiInStop
mciGetErrorStringW
midiStreamPause
waveInReset
midiInStart
sndPlaySoundW
PlaySoundA
mmioWrite
auxGetDevCapsW
midiStreamProperty
mmioDescend
mmGetCurrentTask
waveOutClose
midiOutGetVolume
joyConfigChanged
mmioOpenW
mmioRenameA
mmioStringToFOURCCA

opengl32

glCopyPixels
glRasterPos4i
glLightf
glColor4f
glTexCoord3f
glClearDepth
glTexParameteri
glTexCoord2iv
glFlush
glPopMatrix

Exports

Exports

VmJtxr
RkLkifMybtrbjVpqlcz
FdzQuzvtcPidyeppLwttog
KomhiloRkdyOwxa

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

331dfe50c4eb0e25d3bdc744c8a09dbc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

opengl32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 22B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 22B