ead7c6b51edb36e78021145b92f68686_JaffaCakes118

General

Target

ead7c6b51edb36e78021145b92f68686_JaffaCakes118
Size

187KB
MD5

ead7c6b51edb36e78021145b92f68686
SHA1

d7569a8b9421ee2c8a9ff88f85e0ac86f9937e1e
SHA256

dafa56e6f76c79a4acadde1504a3dafc914a5f058ebc7ecefdf1d8d65506a444
SHA512

cf14fbc49d5073f482f22254be4a5071249c7c3aa49ff4a73b31e84f7229437d100344c7982be5c420b007816e13dba86c3cd0105e137d7720afa4f03fb8f4ba
SSDEEP

3072:nOcljYZ5S971w9dyDY2PAgm81MZQ9BVeqAqleS8e/8hz8GGwoBjsoSYDZS/uppA8:OcljYy18yDY2Igm81WQ3VBAqsSt6AioI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ead7c6b51edb36e78021145b92f68686_JaffaCakes118

Files

ead7c6b51edb36e78021145b92f68686_JaffaCakes118
.dll windows:6 windows x86 arch:x86

523335c7648f7e0a24da1dc89005090b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e_daudf1.pdb

Imports

msvcrt

_wcsnicmp
memcpy
memset
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter

kernel32

HeapAlloc
CreateMutexW
WaitForSingleObject
CreateDirectoryW
SetFileAttributesW
GetFileSize
CreateFileW
GetLastError
WriteFile
ReadFile
WideCharToMultiByte
MultiByteToWideChar
ReleaseMutex
HeapFree
GetProcessHeap
HeapReAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
CloseHandle

advapi32

InitializeAcl
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
FreeSid
AddAccessAllowedAce
GetAce
SetSecurityDescriptorDacl

shell32

SHGetSpecialFolderPathW

Exports

Exports

EPAUDFCloseKey
EPAUDFCreateKeyExA
EPAUDFCreateKeyExW
EPAUDFDeleteKeyA
EPAUDFDeleteKeyW
EPAUDFDeleteValueA
EPAUDFDeleteValueW
EPAUDFEnumKeyExA
EPAUDFEnumKeyExW
EPAUDFEnumValueA
EPAUDFEnumValueW
EPAUDFOpenKeyExA
EPAUDFOpenKeyExW
EPAUDFQueryInfoKeyA
EPAUDFQueryInfoKeyW
EPAUDFQueryValueExA
EPAUDFQueryValueExW
EPAUDFSetValueExA
EPAUDFSetValueExW
EPAUDF_CreateOrOpenDataFile

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

523335c7648f7e0a24da1dc89005090b

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 165KB - Virtual size: 165KB

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 165KB - Virtual size: 165KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 1KB - Virtual size: 1KB