84df03c158d5394884cdfc076883e663_JaffaCakes118

General

Target

84df03c158d5394884cdfc076883e663_JaffaCakes118
Size

19KB
MD5

84df03c158d5394884cdfc076883e663
SHA1

43deedb480e251b006aa5355ec0d031d1f5b4a3f
SHA256

f6ca4995ffaaeee9a53bae088e759ef010e91c68896e98fcc1bbd852686ab072
SHA512

9409797106bc29895a4dbf4150564e0bddf0d4ca0a527101a43daf9ef1495cc88abfb85b2ee312651e128325f34a848934ead4a0e6354961590b00edc007935a
SSDEEP

384:99hFpglx+Bbpq34hKivHW9n/PUoyZKkH6Zyx:99F6KbE4zOREoy5aZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84df03c158d5394884cdfc076883e663_JaffaCakes118

Files

84df03c158d5394884cdfc076883e663_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d93d8d13f90b744d8c3fe7f01d7a3475

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringA
UnmapViewOfFile
SetLastError
TlsFree
CreateDirectoryA
EraseTape
GetFileSize
GetProcessWorkingSetSize
GetCurrentProcess
GetOverlappedResult
GetLastError
CallNamedPipeA
GetEnvironmentVariableA
IsValidLanguageGroup
CloseProfileUserMapping

msvcrt

_findclose
strcpy
_safe_fprem1
tan
_CIacos
_strdup
_CIlog10
memcpy
_getdllprocaddr
_toupper
_wenviron
?_query_new_mode@@YAHXZ
_mbsnbcnt
strtod
??_G__non_rtti_object@@UAEPAXI@Z
__p___argv
__lc_codepage
_setjmp3

winmm

midiInReset
midiOutClose
midiInGetErrorTextA
waveInGetPosition
midiOutPrepareHeader

opengl32

glLightf
glNormal3s
GlmfInitPlayback
glAreTexturesResident
glTranslated
glColor3iv

Exports

Exports

FmgwxsuEscsjCxs
QqocSi
ElqntnCpfxz
GxmfBfewucZka
XguzouJvrcqq

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d93d8d13f90b744d8c3fe7f01d7a3475

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

opengl32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 28B