dbdbcc44bdf2f621f60427604b473b20_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dbdbcc44bdf2f621f60427604b473b20_JaffaCakes118
Size

493KB
MD5

dbdbcc44bdf2f621f60427604b473b20
SHA1

1ffc52d94be7bcc4c98021b65d0c03668e7a29bb
SHA256

452baf51883cded9315e7bbcd5da73b8b8e62164a71709f4e912b0cb8d2f94fc
SHA512

07d2dd0b62d0e2c734e76fc80245f64ce21ebf1edb8bc0c1f341790d7762bed74b258f662082f7e17a5713d72a8930c57a8764a6fa9930cd224a2cd4068a8ba2
SSDEEP

12288:QOqUPEUjKvOHadPn4fkNjPQJ3mMmPpGUHUnzGpbOofbI:QKjKvOH2v4fkNUJWpB0zGlOos

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbdbcc44bdf2f621f60427604b473b20_JaffaCakes118

Files

dbdbcc44bdf2f621f60427604b473b20_JaffaCakes118
.dll windows:4 windows x86 arch:x86

112100b6015a471f60c08116d6d592fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

SetCapture
MessageBoxA

gdi32

DeleteDC

advapi32

LsaRetrievePrivateData

shell32

SHGetSpecialFolderPathA

shlwapi

SHDeleteKeyA

msvcrt

_adjust_fdiv

winmm

waveOutClose

ws2_32

gethostname

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

imm32

ImmReleaseContext

wininet

InternetOpenA

avicap32

capGetDriverDescriptionA

msvfw32

ICSeqCompressFrame

psapi

EnumProcessModules

wtsapi32

WTSFreeMemory

Exports

Exports

FuckYourMM
GetHide
Nod32
Rising
ServiceMain
XServiceMainX
XsvchostSvchostX
XsvchostdllX
kav

Sections

.text
Size: - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

2
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

112100b6015a471f60c08116d6d592fa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

msvcrt

winmm

ws2_32

msvcp60

imm32

wininet

avicap32

msvfw32

psapi

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 74KB

.rdata Size: - Virtual size: 14KB

.data Size: - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 105KB

0 Size: - Virtual size: 4KB

1 Size: - Virtual size: 345KB

2 Size: 490KB - Virtual size: 489KB

.reloc Size: 512B - Virtual size: 96B

.text
Size: - Virtual size: 74KB

.rdata
Size: - Virtual size: 14KB

.data
Size: - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 105KB

0
Size: - Virtual size: 4KB

1
Size: - Virtual size: 345KB

2
Size: 490KB - Virtual size: 489KB

.reloc
Size: 512B - Virtual size: 96B