d6850182b68ca580ccbda05310b6cecd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6850182b68ca580ccbda05310b6cecd_JaffaCakes118
Size

432KB
MD5

d6850182b68ca580ccbda05310b6cecd
SHA1

b9e6c244fc9b975df64ed6d72b6c6636cd48e611
SHA256

d40fc27febaf8f62986a287da5f4d6247ad5c1cd8b3bc3f585888fd88f9278b3
SHA512

84a33982ad911929c848e777a1bd7f7b552532d641951a8477ab2904f91948969bde2a4e5fd55bd551a801dd7cf1fa4d93a4258bebf64eb7d467a436acd9f527
SSDEEP

6144:W1kvz8jahVVi/AjYEbIgTnIpDTVah19ayTkm3UpmPxXWrTcMqL:Ekb8eh6/bEbNryD219AcU8PtWnc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6850182b68ca580ccbda05310b6cecd_JaffaCakes118

Files

d6850182b68ca580ccbda05310b6cecd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0c1937371ccf435526bfaa77ee00457b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHEnumKeyExA
UrlCanonicalizeA

kernel32

GetFileAttributesA
ReplaceFileA
CreateHardLinkA
ExitProcess
GetComputerNameA
GetFileType
CancelIo
BackupRead
lstrcmpA
lstrlenA
SetCurrentDirectoryA
FlushViewOfFile
GetWindowsDirectoryW
GetSystemDirectoryW
GetSystemDirectoryA
GetComputerNameW
GetCurrentDirectoryW
lstrcmpW
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentDirectoryA

advapi32

GetUserNameA
GetUserNameW

winmm

DrvGetModuleHandle
GetDriverModuleHandle
auxGetVolume

Exports

Exports

fmmmcqnku

Sections

.code
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c1937371ccf435526bfaa77ee00457b

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

winmm

Exports

Exports

Sections

.code Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 364KB - Virtual size: 361KB

.rdata Size: 4KB - Virtual size: 1B

.text Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 1B

.rdata Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 364KB - Virtual size: 361KB

.rdata
Size: 4KB - Virtual size: 1B

.text
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 1B

.rdata
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 4KB - Virtual size: 1KB