b8c6fd76b60415438cb5f52692357862_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8c6fd76b60415438cb5f52692357862_JaffaCakes118
Size

286KB
MD5

b8c6fd76b60415438cb5f52692357862
SHA1

5c32b77d0ac7d55d30494b93517aba201b05b3e2
SHA256

39df7a3166db10407a9fa2142aedb2fbb624b613858cafe5ef7a29c4f7b61d69
SHA512

a2d79f9b57d170b3b9e64bbf87f9c9e67c0ec55227778af4de86af448357ce396ad708cec94dee04ca3f4500c84a93c8afe148c72c5735bbe0e6fb8290d0252b
SSDEEP

6144:8SjzY2oDV8pfFrWyJMG+WvoavmYMhPHSjdf2yzhLGBUGlYI4P1vzKNP:85/DVaBXJMG+B+mYKPHGzhLtgYIAC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8c6fd76b60415438cb5f52692357862_JaffaCakes118

Files

b8c6fd76b60415438cb5f52692357862_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6a1a9fe3af87ec0f5857e1ddac28255a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

SetSecurityDescriptorDacl
QueryServiceStatus
OpenServiceA
OpenProcessToken
InitializeSecurityDescriptor
DeleteService
CreateServiceA
ControlService
AdjustTokenPrivileges

ole32

WriteFmtUserTypeStg
OleInitialize
GetConvertStg
CreateDataAdviseHolder
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
OleGetClipboard
CoRegisterMessageFilter
CoFileTimeNow

user32

OemToCharA
MessageBoxIndirectA
MessageBeep
GetFocus
GetDlgItem
DrawStateA
DestroyWindow
CreateIconFromResource
CreateDesktopW
CharToOemA
CharPrevA
ToAscii

shell32

SHGetFileInfoA
SHGetMalloc
SHFileOperationA

shlwapi

PathQuoteSpacesA
PathUnquoteSpacesA
SHAutoComplete
StrChrA
PathMatchSpecA
PathFindExtensionA
PathCompactPathExA
PathAppendA
PathIsRelativeA
PathIsDirectoryA
PathFindFileNameA
StrStrIA

msvcrt

strtol
sscanf
memchr
malloc
_except_handler3

kernel32

lstrcmpiA
lstrcpynA
SetCurrentDirectoryA
RtlUnwind
RaiseException
MapViewOfFile
LoadResource
LoadLibraryA
InitializeCriticalSection
GetStartupInfoA
EnumResourceNamesA
CloseHandle
lstrcmpA

Exports

Exports

Flm
Ggy
Gpd
Hys
Oox
Urb
Vxu
Zpk

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a1a9fe3af87ec0f5857e1ddac28255a

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 28KB

.rdata Size: 33KB - Virtual size: 36KB

.data Size: 34KB - Virtual size: 36KB

.idata Size: 166KB - Virtual size: 168KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 27KB - Virtual size: 28KB

.rdata
Size: 33KB - Virtual size: 36KB

.data
Size: 34KB - Virtual size: 36KB

.idata
Size: 166KB - Virtual size: 168KB

.rsrc
Size: 24KB - Virtual size: 28KB