a1ca31d34ed93193dc938eafca07d5b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1ca31d34ed93193dc938eafca07d5b0_JaffaCakes118
Size

110KB
MD5

a1ca31d34ed93193dc938eafca07d5b0
SHA1

c8abb61fa35961fd67603ba58323599d0582f9e3
SHA256

58351738acfc223826d61e411c813eca1ed286ace125a152146dbac245125c81
SHA512

678ae2e60ccda3dec5c13df9d652297e51c49f141fb590ae31d8aacc28ab23d3001a5859fbcc7d073496668f8b836fce5ec63f08045777b1b6ca765533055252
SSDEEP

3072:keW1mr09EGTxQLvGME8xtUCBXCKMMiU1m9:kv1a09E2kz1CKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1ca31d34ed93193dc938eafca07d5b0_JaffaCakes118

Files

a1ca31d34ed93193dc938eafca07d5b0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7d4d7b1719fa854e3ca4ef17eb59a741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

ControlService
DeleteService
InitializeSecurityDescriptor
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
CloseServiceHandle
AdjustTokenPrivileges
StartServiceA

ole32

ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromGUID2
OleUninitialize
OleLockRunning
CreateILockBytesOnHGlobal
CreateDataAdviseHolder
CreateBindCtx
CoUninitialize
CLSIDFromProgID
CoRevokeClassObject
CoInitialize
CoGetMalloc
CoDisconnectObject
CoCreateGuid
OleFlushClipboard

user32

CreateMDIWindowA
CreateCursor
CloseWindow
CharPrevA
BeginPaint
EnableMenuItem

shell32

SHBindToParent
SHGetFileInfoA
SHGetMalloc
SHFileOperationA

shlwapi

StrChrA
StrStrIA
PathIsRelativeA
SHAutoComplete
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathUnquoteSpacesA
PathQuoteSpacesA
PathMatchSpecA
PathIsDirectoryA
PathIsRootA

msvcrt

sscanf
vsprintf
sprintf
realloc
rand
malloc
_errno
__dllonexit
__set_app_type
strchr

kernel32

lstrcmpiA
Sleep
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetLastError
lstrlenA

Exports

Exports

Vii
Xsz

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d4d7b1719fa854e3ca4ef17eb59a741

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 32KB

.rdata Size: 29KB - Virtual size: 32KB

.data Size: 23KB - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 29KB - Virtual size: 32KB

.rdata
Size: 29KB - Virtual size: 32KB

.data
Size: 23KB - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB