aef85b57144eafc7f714ac479a6ffe5b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aef85b57144eafc7f714ac479a6ffe5b_JaffaCakes118
Size

41KB
MD5

aef85b57144eafc7f714ac479a6ffe5b
SHA1

136d4acdb573b949980cf2a598b235e0659fe906
SHA256

2d6eeb3c04d9ef7921d0b12f330b17c29a3357b6f974b7e4e0e1161ad5b05c6d
SHA512

5d2189960a3d2d8122982ba67fe269ba242f3b7d606165a44689b4a489238c80bb713f95335911fdbea3c2fd1c189fe4236c7cb03c76f42f438c7d3930d7b70d
SSDEEP

768:79ASu+fPFFR+twkG2Ht7ZaWmldBbOMHnuqEXBcV5t6eDYYPZMz8o:6B+fPrQwp6tXUdBqMHnGuXt6elZMz8o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aef85b57144eafc7f714ac479a6ffe5b_JaffaCakes118

Files

aef85b57144eafc7f714ac479a6ffe5b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5484ac684827337950baab337cce2e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

psapi

GetModuleFileNameExA

advapi32

RegCloseKey

ws2_32

listen

imm32

ImmGetContext

shlwapi

StrChrA

avicap32

capCreateCaptureWindowA

gdi32

BitBlt

user32

IsWindow

winmm

waveInStop

msvcrt

free

ole32

CreateStreamOnHGlobal

shell32

ShellExecuteA

Exports

Exports

Qy001DoMainWSSK
222222222222
ServiceMain

Sections

.guoc
Size: 26KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocy
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guof
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guocy
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gyuio
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocyok
Size: 6KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5484ac684827337950baab337cce2e7b

Headers

File Characteristics

Imports

kernel32

psapi

advapi32

ws2_32

imm32

shlwapi

avicap32

gdi32

user32

winmm

msvcrt

ole32

shell32

Exports

Exports

Sections

.guoc Size: 26KB - Virtual size: 66KB

.guocy Size: 1024B - Virtual size: 6KB

.guof Size: 1024B - Virtual size: 2KB

guocy Size: - Virtual size: 4KB

.gyuio Size: 3KB - Virtual size: 3KB

.rsrc Size: - Virtual size: 4KB

. Size: 2KB - Virtual size: 3KB

.guocyok Size: 6KB - Virtual size: 4KB

.guoc
Size: 26KB - Virtual size: 66KB

.guocy
Size: 1024B - Virtual size: 6KB

.guof
Size: 1024B - Virtual size: 2KB

guocy
Size: - Virtual size: 4KB

.gyuio
Size: 3KB - Virtual size: 3KB

.rsrc
Size: - Virtual size: 4KB

.
Size: 2KB - Virtual size: 3KB

.guocyok
Size: 6KB - Virtual size: 4KB