f7111bcee875e7ff9f28ad1a10bf88df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7111bcee875e7ff9f28ad1a10bf88df_JaffaCakes118
Size

105KB
MD5

f7111bcee875e7ff9f28ad1a10bf88df
SHA1

07faa119448d53c492121b2750ee0cec4cf30328
SHA256

c0feef1f780a2b713d828995edeb7e7b00b164a544faf24346b967b7f25c5775
SHA512

5f7e0563fb5cb460c3ea88b7be7ba80b0e927196440248ed85119fa061ce25920f60dd8e01a5a45bdf010d80693cde30558741e83200f201f2f7fbf7258cb152
SSDEEP

3072:RNXA9llP9DWS8S3w0zb8tyC9W4lED0WUD4pEKMMiU1m9:RNXmllF6S8uRwthlED0WG42KNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7111bcee875e7ff9f28ad1a10bf88df_JaffaCakes118

Files

f7111bcee875e7ff9f28ad1a10bf88df_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e837422256cc8662517da239511d6f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
QueryServiceStatus
OpenProcessToken
InitializeSecurityDescriptor
DeleteService
CloseServiceHandle

ole32

RevokeDragDrop
OleInitialize
OleFlushClipboard
GetConvertStg
CreateDataAdviseHolder
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoResumeClassObjects
CoGetMalloc
CoFileTimeNow
CoCreateInstance
CoCreateGuid
WriteFmtUserTypeStg

user32

SetFocus
OemToCharBuffA
MessageBoxIndirectA
LoadBitmapA
CreateMenu
CreateCursor
CharUpperA
CharToOemBuffA
CharPrevA

shell32

SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHBindToParent

shlwapi

PathIsRootA
PathFileExistsA
PathMatchSpecA
SHAutoComplete
StrStrIA
PathFindFileNameA
PathIsRelativeA

msvcrt

strlen
strchr
getenv
rand
memcpy
free
strstr

kernel32

lstrcpynA
lstrlenA
lstrcatA
Sleep
SetLastError
RaiseException
OpenFileMappingA
GetVersion
GetSystemTimeAsFileTime
GetLocalTime
ExitThread
EnumResourceTypesA
EnumResourceNamesA
CompareStringA
CloseHandle
lstrcmpA

Exports

Exports

Akc
Bgw
Bra
Csn
Cto
Iwj
Kee
Nwc
Pum
Qvu
Vkt
Ydm
Zsv

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e837422256cc8662517da239511d6f39

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 23KB - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 23KB - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB