b77dcec900d62d97a52b4ec6dfd7b014_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b77dcec900d62d97a52b4ec6dfd7b014_JaffaCakes118
Size

19KB
MD5

b77dcec900d62d97a52b4ec6dfd7b014
SHA1

a367b4b2d39beac83f90cc6b754cd552517c85fd
SHA256

747d556c9096af22c051b3ea5e913f6f7b40a64c4f421e7c898be35f37b9c480
SHA512

3bb7fe35a5d1a773b14fa41530b6061c098807ac27920f58499ce5a67a98a287f52cab3f5e93523c5c1e8f24e785806951c2bc5cfcb2493c7a43929ae28728ec
SSDEEP

384:7nByXM8j/Q/BFmuZOeFAsHSkx8+E9WLI6WdIbrSvI:7Byc8DQZ0uZOeRG16E0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b77dcec900d62d97a52b4ec6dfd7b014_JaffaCakes118

Files

b77dcec900d62d97a52b4ec6dfd7b014_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d72dc01b5043896225b95bda53b91272

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVolumePathNameA
CreateDirectoryA
GetCurrencyFormatW
SetProcessWorkingSetSize
InterlockedIncrement
IsBadHugeReadPtr
IsBadHugeWritePtr
GetLastError
PulseEvent
GetBinaryType
UnlockFileEx
GetCommandLineA
IsValidLanguageGroup
GetLogicalDrives
SetEnvironmentVariableA
CallNamedPipeA
WriteProcessMemory
Beep
EraseTape
GetProfileStringA

tapi32

lineMonitorMedia
lineSendUserUserInfo
lineDrop
lineGetDevCapsW
lineSecureCall
GetTapi16CallbackMsg
MMCShutdown
lineGetID
lineGetAppPriority
phoneInitializeExA
lineSetStatusMessages
phoneSetLamp
lineSetTollListA
lineGetIDW
lineNegotiateAPIVersion

msvcrt

_lock
memcpy
_wspawnl
fprintf
_findnext64
clock
__wgetmainargs
_setmaxstdio
_spawnle
putwchar
iswcntrl
strtoul
ungetc
_strupr
?set_unexpected@@YAP6AXXZP6AXXZ@Z
_mbsnbcoll
__STRINGTOLD

winmm

waveOutGetVolume
mmTaskCreate
mciGetErrorStringW
midiInGetDevCapsA
midiOutCacheDrumPatches
mciSendCommandA
midiInGetErrorTextA
mixerGetNumDevs
waveInGetNumDevs
joyReleaseCapture
midiOutReset
timeKillEvent
midiStreamProperty
mciLoadCommandResource
mciSendStringW

opengl32

glTexCoord1dv
glStencilMask
glIndexfv
glLightModelf
glColorMask
glColor4ub
GlmfCloseMetaFile
glGetTexEnviv
glEndList
glColor3iv

Exports

Exports

TzobXnvwWp
ZnszHbflUyfb

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d72dc01b5043896225b95bda53b91272

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

msvcrt

winmm

opengl32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 32B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 32B