837454ba9d548cc695c0b29f3be8aae9_JaffaCakes118

General

Target

837454ba9d548cc695c0b29f3be8aae9_JaffaCakes118
Size

164KB
MD5

837454ba9d548cc695c0b29f3be8aae9
SHA1

769a6b4cf2cae4824e50edd202b74698d975c038
SHA256

763bc67c0be18f4266a22f6b8d38e08748e0d00b3f21ec68c0bf645ce0738df8
SHA512

dd42847f64b9898b4d0e05a9274714a77f0c223a7cf28103a0f3b85dd5091032f88c887fd330948cc6376d6e56333f93dbe8f5391aed5c1f497287ca9188f784
SSDEEP

1536:JkDNoT1u6Wjnoldo8WxJ/WICPwBPwEErIMokF6gL2sAc9nZeD+lyrpK3aa2s/6aZ:JkDNAWboldoNxJ/1CxdmDs5ZeprqaapZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
837454ba9d548cc695c0b29f3be8aae9_JaffaCakes118

Files

837454ba9d548cc695c0b29f3be8aae9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

45210a465732e343f02f2860aea01018

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
RtlUnwind
GetModuleHandleA
ExitProcess
GetProcAddress
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA

user32

GetCursorPos
MessageBoxA

dinput

DirectInputCreateA

Exports

Exports

SetLVRTModule
closeAllDevice
closeObject
getCursorPosition
getJoyInfo
getJoystickState
getKeyInfo
getKeyboardState
getMouseInfo
getMouseState
getMouseStateBothMode
inputSystemSetup
openDevice

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45210a465732e343f02f2860aea01018

Headers

File Characteristics

Imports

kernel32

user32

dinput

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

.text Size: 124KB - Virtual size: 124KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 124KB - Virtual size: 124KB