b0a434febf2f61750158f389a2ca7679_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0a434febf2f61750158f389a2ca7679_JaffaCakes118
Size

1.8MB
MD5

b0a434febf2f61750158f389a2ca7679
SHA1

0eabac2159b8a95ec2ce56058fedc77dc8a3d580
SHA256

0524d2afaf6fb34e553a5443fb6348b22d8290412af686d063789973dc8d6657
SHA512

2ad9fa4bdfebbd20eebc6881d3d8c9ef5a2c23623b70919dfa75d5f4662e58ecf99b38569a5e9434db012e470a07ee4f271fcd82a0a075f3817f984778790a92
SSDEEP

24576:4NVU/syWgII11FoU/VKcJJQ7FDRKSyGK7NV+sIpXg0sUUz0p8TjIjgdKSa6/W6yg:41KIIlL+4ZxJIOUUzRTjygdf3nyty3MU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0a434febf2f61750158f389a2ca7679_JaffaCakes118

Files

b0a434febf2f61750158f389a2ca7679_JaffaCakes118
.dll windows:5 windows x86 arch:x86

55fefec723f6838ab9f652bfdb18cb7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutUnprepareHeader

ws2_32

recv

rasapi32

RasHangUpA

kernel32

MultiByteToWideChar

user32

CreateAcceleratorTableA

gdi32

PtVisible

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

DragQueryFileA

ole32

CLSIDFromString

oleaut32

LoadTypeLi

comctl32

ImageList_Add

wininet

InternetCloseHandle

comdlg32

ChooseColorA

msvcrt

__dllonexit

psapi

GetMappedFileNameW

Exports

Exports

_��ӳ��
uhu
��͸��

Sections

.text
Size: 480KB - Virtual size: 1012KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55fefec723f6838ab9f652bfdb18cb7e

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

msvcrt

psapi

Exports

Exports

Sections

.text Size: 480KB - Virtual size: 1012KB

.sedata Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 480KB - Virtual size: 1012KB

.sedata
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB