c10f10bb353737a325df975ad5ce8bff_JaffaCakes118

General

Target

c10f10bb353737a325df975ad5ce8bff_JaffaCakes118
Size

228KB
MD5

c10f10bb353737a325df975ad5ce8bff
SHA1

1ffb89e6b2cc093e3f635f88a0b5f8e1eaadea51
SHA256

74e69e76c1875c5060894f8bf6a522467ff9543c2064539b246c3e831c67a6ff
SHA512

a5c19429a053a4b7e8da1ed558442872965472b4ee8503f8773a8890a2eea86c0ea3d1a33956c439d3f7011472a6be51d7ae7c7c831257778495b9efd59899f1
SSDEEP

6144:iMJr6zTS5sHVlrD5tPXe9KGMUm5j2jK+MIEXH:iMV5s1/e9FUjIM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c10f10bb353737a325df975ad5ce8bff_JaffaCakes118

Files

c10f10bb353737a325df975ad5ce8bff_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7a89bc0182841f595f18b975019cba0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
CreateProcessA
DeleteCriticalSection
DeleteFileA
ExitProcess
FileTimeToSystemTime
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetProcessHeap
GetStringTypeW
GetSystemDirectoryA
GetTickCount
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomA
HeapAlloc
HeapCreate
IsValidCodePage
LCMapStringW
MapViewOfFile
OpenEventA
OutputDebugStringA
RaiseException
ResetEvent
SetHandleCount
SetLastError
SetPriorityClass
SizeofResource
TlsAlloc
WriteConsoleA
lstrcpyA

advapi32

BuildTrusteeWithSidW
CloseEncryptedFileRaw
GetMultipleTrusteeOperationA
GetNamedSecurityInfoExA
GetSecurityDescriptorControl
GetServiceDisplayNameW
LsaEnumerateAccounts
QueryServiceObjectSecurity
RegReplaceKeyW
SetSecurityDescriptorControl

user32

InvalidateRect
RegisterClassExA
LoadAcceleratorsA
IsIconic
KillTimer
SetTimer
SendMessageTimeoutA
GetDlgCtrlID
EnumWindows
EnableMenuItem
CheckRadioButton
CheckMenuRadioItem
SetCapture
CallWindowProcA

ole32

CoIsOle1Class
IsEqualGUID
CoDeactivateObject

ddraw

DirectDrawEnumerateW
DirectDrawEnumerateExW
DirectDrawEnumerateExA
DSoundHelp
DDInternalUnlock
GetDDSurfaceLocal

Exports

Exports

EnumDriveModeRelease

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a89bc0182841f595f18b975019cba0b

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ole32

ddraw

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 124KB

.data Size: 92KB - Virtual size: 156KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 92KB - Virtual size: 156KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB