0adeeaf1ca93eb59a835f5deaa8fa965_JaffaCakes118

General

Target

0adeeaf1ca93eb59a835f5deaa8fa965_JaffaCakes118
Size

88KB
MD5

0adeeaf1ca93eb59a835f5deaa8fa965
SHA1

852d3a1b3cb287f7b7c24275de2d2af711daf190
SHA256

dd59225f85c5a88c38e2c87789ebf0c15cb239efc3e2b780ad78d030c62bdc8f
SHA512

f44c40ea2561b1509305a49dc1e33122285eb32e82bf4a90bdb7668e2ca48706ee4f45a55e1969516cd563115adc40b88b175899ea639458f2d8aec49434a527
SSDEEP

1536:M5u2KSP8ivad8MQegRzTF/9GUuxduDk1Ku+9h08Cl3sLIfrQtc7dalsNpiJBIy1C:L2KgjadqRxux4Dk1G0zsLyrQK7djiBrl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0adeeaf1ca93eb59a835f5deaa8fa965_JaffaCakes118

Files

0adeeaf1ca93eb59a835f5deaa8fa965_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dba4af9b297209ea3944ba591d902550

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadHugeReadPtr
FindFirstChangeNotificationW
Beep
GetModuleHandleA
GetVolumeInformationW
SearchPathA
ReadFile
CallNamedPipeA
GetLastError
EraseTape
FileTimeToLocalFileTime
WideCharToMultiByte
IsBadReadPtr
TlsGetValue

tapi32

tapiGetLocationInfoA
lineRedirectW
lineTranslateAddress
linePrepareAddToConference
lineGetRequest
lineGetCallStatus

msvcrt

__toascii
memcpy
_ismbbtrail
_wexecve
_vsnwprintf
_fmode
_outpd
_isctype
abs
_mbsdec
_endthreadex
_wstati64
iswalnum
_rotl

winmm

mxd32Message
mciSendStringA
mciLoadCommandResource
waveOutUnprepareHeader
OpenDriver
midiConnect
waveInReset
midiOutLongMsg
mciGetDeviceIDFromElementIDW
waveInGetID
waveInUnprepareHeader
mmioSeek

opengl32

glVertexPointer
glPushAttrib
glNormal3fv
glColor4us
glVertex4iv
glTexCoord1d
glRasterPos2i

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dba4af9b297209ea3944ba591d902550

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

msvcrt

winmm

opengl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 20KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 20KB