ce9cabfc7e2fd7c2638f932dbaeb249b_JaffaCakes118

General

Target

ce9cabfc7e2fd7c2638f932dbaeb249b_JaffaCakes118
Size

41KB
MD5

ce9cabfc7e2fd7c2638f932dbaeb249b
SHA1

1fe4a171b889142a2d2ef385c8c3914cf7be9482
SHA256

a6d217456dc23ccc1223a7e0ef4abb42c4527ce517b783a64cd3db06480dfab4
SHA512

14c0ba8c916ba0b851e26588b220a632bad22c3b9f75d860763bbeac0b6bb8f2894fc87fcfdcb0ab13556a1844e2e5a27083225a613425a2d04a99d11ec3c3f9
SSDEEP

768:jKeguRkKFr474CznwWci/S1JDjO38vfc+AqOOSt4VMwbClBNI4VrzP9yf+KHUG:jjvr47vNci/S6MXvkt6LbClTIwpyf+KH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce9cabfc7e2fd7c2638f932dbaeb249b_JaffaCakes118

Files

ce9cabfc7e2fd7c2638f932dbaeb249b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b3611e613464b3e264453b03b71e10a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
RtlFillMemory
GetStdHandle
GetCurrencyFormatW
GetCurrentProcess
EraseTape
IsBadStringPtrW
DeleteCriticalSection
EnumResourceNamesA
UnmapViewOfFile
GetPrivateProfileStructW
UpdateResourceA
CallNamedPipeA
GetPrivateProfileStringA
GetEnvironmentVariableA
GetFileSize
FindAtomA
GetLastError
VirtualAlloc
DeleteFileA

msvcrt

??0bad_cast@@QAE@ABV0@@Z
_mbcasemap
fopen
_ismbblead
_lseeki64
_ismbcpunct
memcpy
_sys_nerr
_ismbcdigit
_wcsncoll

winmm

timeKillEvent
mciGetDeviceIDA
mmGetCurrentTask
waveOutGetPosition
midiInReset
midiStreamProperty
waveOutPrepareHeader
mmioRenameA

opengl32

glTexCoord1d
glTexCoord3f
glTexSubImage1D
glDrawBuffer
glTexCoord1iv
glPopName
wglSwapMultipleBuffers
wglSetPixelFormat
glRasterPos2iv
glTexParameteriv
glColor3ui
glColor3ub
glEvalPoint1

Exports

Exports

XdqzYzbtyyMczdFe
AvdBrokHuylYukjjnLo
ZoArszKf
YfuHrypinCwwofanCjvzlpvDd
GdffiqgOp

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3611e613464b3e264453b03b71e10a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

opengl32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 28B