bd0cf766c782118c8c12e0f95adcbbc7_JaffaCakes118 | Triage

Sharing

General

Target

bd0cf766c782118c8c12e0f95adcbbc7_JaffaCakes118
Size

128KB
MD5

bd0cf766c782118c8c12e0f95adcbbc7
SHA1

d1804e42e64d9e8828b54ff85dfbe780a5c3e84c
SHA256

9560d417572555bce54df5906811400ba938403bc12cc7492ab6ad5a6590833d
SHA512

9f5180c8bcf053d960ffbb20c2163d992158d66243ad752cefa01c43597c40b5a916db03978723300b512cdc1e44d9a08e500e04636c17974cd4f8a419924c0e
SSDEEP

3072:Og0ZrThJnJwgdvRDpw4Ww5yd9jyHIJs7XYKKMMiU1m9:OrHGuNweAxUIJaYKKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd0cf766c782118c8c12e0f95adcbbc7_JaffaCakes118

Files

bd0cf766c782118c8c12e0f95adcbbc7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

97e9ed6b4e701a30e74dea0a3c3b3898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen

advapi32

AdjustTokenPrivileges
InitializeSecurityDescriptor
OpenProcessToken
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
ControlService

ole32

WriteClassStg
StringFromGUID2
WriteFmtUserTypeStg
ReleaseStgMedium
RegisterDragDrop
OleUninitialize
CoResumeClassObjects
CoRegisterMessageFilter
CoInitialize
WriteClassStm
CoCreateGuid
OleSaveToStream

kernel32

lstrcpyA
WriteFile
UnmapViewOfFile
TlsSetValue
SetEndOfFile
LeaveCriticalSection
GetStartupInfoA
GetCommandLineA
ExitProcess
EnumResourceTypesA
CompareStringA
CloseHandle
SleepEx

Exports

Exports

Coi
Gnk
Hbo
Pil
Rxb
Rxm
Tpv
Tqa
Xix

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ