db1f8468238b42b74e34729e2c53efd0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db1f8468238b42b74e34729e2c53efd0_JaffaCakes118
Size

131KB
MD5

db1f8468238b42b74e34729e2c53efd0
SHA1

e9f41685e290aab9ef94686ac9a7b01064416923
SHA256

012c554cd6e3ec1f0f122b32a20a270b4dea29887de6a4df9b49a8d6eb9c615a
SHA512

d14b6d00318b580a3fadf1575ad5e3364747855772b943dc92242d74b125d9db31e44f578e90c4cc8fb1be28e6214f2b5fa3dc7dbd2f42e62b514aff611a4909
SSDEEP

3072:uStgpPOWSCO5W21179UVAAFitfn3YzCqrKuRFKFcI:ptG3SxJUVAozPKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db1f8468238b42b74e34729e2c53efd0_JaffaCakes118

Files

db1f8468238b42b74e34729e2c53efd0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fb13fc586908b5c98f8b9852168529a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ExitWindowsEx

gdi32

GetDIBits

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal

ws2_32

listen

shlwapi

StrRChrA

psapi

GetModuleFileNameExA

imm32

ImmReleaseContext

avicap32

capCreateCaptureWindowA

winmm

waveInUnprepareHeader

msvcrt

strrchr

kernel32

OpenProcess
GetModuleHandleA
GetProcAddress
VirtualProtect

Exports

Exports

Qy001DoMainWssk
Qy001Service
ServiceMain

Sections

.text
Size: - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�l��
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�"��
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb13fc586908b5c98f8b9852168529a0

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shell32

ole32

ws2_32

shlwapi

psapi

imm32

avicap32

winmm

msvcrt

kernel32

Exports

Exports

Sections

.text Size: - Virtual size: 66KB

.rdata Size: - Virtual size: 6KB

.data Size: - Virtual size: 2KB

Size: - Virtual size: 4KB

�l�� Size: - Virtual size: 3KB

�"�� Size: - Virtual size: 80KB

��� Size: 126KB - Virtual size: 125KB

.reloc Size: 512B - Virtual size: 184B

.text
Size: - Virtual size: 66KB

.rdata
Size: - Virtual size: 6KB

.data
Size: - Virtual size: 2KB

�l��
Size: - Virtual size: 3KB

�"��
Size: - Virtual size: 80KB

��
Size: 126KB - Virtual size: 125KB

.reloc
Size: 512B - Virtual size: 184B