8700001f3e95375646e259ae2ecc8b32_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8700001f3e95375646e259ae2ecc8b32_JaffaCakes118
Size

46KB
MD5

8700001f3e95375646e259ae2ecc8b32
SHA1

f66819cfffd589a249f9f61c7524eb624510e6ae
SHA256

2ea781cab36bf35bcd1b5bd029994e9a29777eed3aad7834b2e40442352144f5
SHA512

d724ff95b6366e7ef119ddf72ef65b04ab7971191b8b99b17c840d0e5ba5c25528042c3666279957ccfee1f706c829afcbaa4435cb23aea39a62f865a1a25f71
SSDEEP

768:IFJSVdOChuUnacEFGV9BNG6pSyGnSawKG97rniZJmFFDBRCvLrYPiW9w8EAKNsXo:IF1I7a/GzvG6AnSawt5rAJmbAL7Rs4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8700001f3e95375646e259ae2ecc8b32_JaffaCakes118

Files

8700001f3e95375646e259ae2ecc8b32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

418461cb24025e91aa31c22ae75e8602

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

winmm

waveInStop

ws2_32

listen

msvcrt

free

imm32

ImmGetContext

advapi32

RegCloseKey

shell32

ShellExecuteA

shlwapi

StrCmpW

ole32

CreateStreamOnHGlobal

psapi

GetModuleFileNameExA

avicap32

capCreateCaptureWindowA

user32

SetTimer

gdi32

BitBlt

Exports

Exports

gytfredwse
ServiceMain
rftgyhujk

Sections

.erdf
Size: 26KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rtfgy
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgyh
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edrft
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rtyhgj
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ytredf
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsedrf
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsedrf
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

418461cb24025e91aa31c22ae75e8602

Headers

File Characteristics

Imports

kernel32

winmm

ws2_32

msvcrt

imm32

advapi32

shell32

shlwapi

ole32

psapi

avicap32

user32

gdi32

Exports

Exports

Sections

.erdf Size: 26KB - Virtual size: 66KB

.rtfgy Size: 1024B - Virtual size: 7KB

.tgyh Size: 1024B - Virtual size: 2KB

edrft Size: - Virtual size: 4KB

rtyhgj Size: 3KB - Virtual size: 3KB

.rsrc Size: - Virtual size: 4KB

.ytredf Size: 2KB - Virtual size: 3KB

.wsedrf Size: 1024B - Virtual size: 4KB

.wsedrf Size: 2KB - Virtual size: 4KB

.erdf
Size: 26KB - Virtual size: 66KB

.rtfgy
Size: 1024B - Virtual size: 7KB

.tgyh
Size: 1024B - Virtual size: 2KB

edrft
Size: - Virtual size: 4KB

rtyhgj
Size: 3KB - Virtual size: 3KB

.rsrc
Size: - Virtual size: 4KB

.ytredf
Size: 2KB - Virtual size: 3KB

.wsedrf
Size: 1024B - Virtual size: 4KB

.wsedrf
Size: 2KB - Virtual size: 4KB