b6b4eb555f3a50752f9d2a1b76121654_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b6b4eb555f3a50752f9d2a1b76121654_JaffaCakes118
Size

131KB
MD5

b6b4eb555f3a50752f9d2a1b76121654
SHA1

b79229838699d1c91927acdc76017d02c5b57bc2
SHA256

59b60d41917f24536991f39962857d6f410c60481171d60bb90f6f7a8dafebf8
SHA512

03b5cc4d2ff2f9fc66629db6ddc7f7303320d7979773a02727b4084e49375d504072f64bfbb42340162a5ac39ab7aac3d0aa51410056ee56b96c432966db5cc8
SSDEEP

3072:ht1B7UpOWNqtt32gRqfdBw7i0KMMiU1m9:ht1gOWYtGg4Gi0KNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6b4eb555f3a50752f9d2a1b76121654_JaffaCakes118

Files

b6b4eb555f3a50752f9d2a1b76121654_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8df7a152787979df642a5a648fe82227

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
AdjustTokenPrivileges
OpenProcessToken
CloseServiceHandle
ControlService
CreateServiceA
DeleteService
InitializeSecurityDescriptor

ole32

WriteFmtUserTypeStg
StgCreateDocfileOnILockBytes
ReadClassStg
OleSetClipboard
GetRunningObjectTable
CLSIDFromString
GetConvertStg
CreateFileMoniker
CoUninitialize
CoLockObjectExternal
CoGetClassObject
WriteClassStm

user32

SetMenuInfo
OemToCharA
LoadMenuA
LoadAcceleratorsW
GetDC
GetCursor
CreateIconFromResource
CreateDialogParamA
CharNextA

shell32

SHGetFileInfoA
SHFileOperationA
SHGetMalloc
SHBindToParent

shlwapi

StrStrIA
PathIsRootA
PathIsRelativeA
PathIsDirectoryA
StrChrA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathAppendA
SHAutoComplete
PathUnquoteSpacesA
PathQuoteSpacesA
PathFindFileNameA
PathMatchSpecA

msvcrt

time
strlen
__set_app_type
sscanf
realloc
memcpy
memchr
malloc
free
fflush
memmove

kernel32

SetCurrentDirectoryA
UnmapViewOfFile
lstrcatA
lstrcmpA
lstrlenA
OpenFile
LoadLibraryA
HeapAlloc
FindResourceA
CompareStringA
OpenFileMappingA

Exports

Exports

Hvy
Sgx
Yle

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8df7a152787979df642a5a648fe82227

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 32KB

.rdata Size: 28KB - Virtual size: 32KB

.data Size: 35KB - Virtual size: 36KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 31KB - Virtual size: 32KB

.rdata
Size: 28KB - Virtual size: 32KB

.data
Size: 35KB - Virtual size: 36KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB