0b6a91bc7eda5dfda1e4e0d0a9b960d0_JaffaCakes118

General

Target

0b6a91bc7eda5dfda1e4e0d0a9b960d0_JaffaCakes118
Size

125KB
MD5

0b6a91bc7eda5dfda1e4e0d0a9b960d0
SHA1

ccf5794da68d5ce0af2de76c3c52c4ba842d23f0
SHA256

e6c665c1c291e9c5cadc3a8c954c2cd5d1232149ea812245a3c676ebe7830729
SHA512

68a3071c97d1db8de5d3c6c9b7fac33ca0143d1679ab842e26e9ba4f23a666f40161b2a42234bd65ba1c579381c0bc05a2386e6f83951f9fd921f01457e55b14
SSDEEP

1536:K+haUjUmcYC2LqTk5tlnAaTXrNSbckVHtrIVO0TBWnKvzwRkk0ZhKMMiU1aoauY:fxjibkdnLTqoV5TUnKckJ/KMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b6a91bc7eda5dfda1e4e0d0a9b960d0_JaffaCakes118

Files

0b6a91bc7eda5dfda1e4e0d0a9b960d0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantClear
VariantCopyInd
SysAllocStringLen
SysFreeString
LoadTypeLib

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceA
CloseServiceHandle
AdjustTokenPrivileges
OpenServiceA

ole32

CoCreateInstance
CoRegisterClassObject
CLSIDFromProgID
CoRegisterMessageFilter
CoResumeClassObjects
CreateOleAdviseHolder
StringFromGUID2
ReadClassStg
OleUninitialize
OleLockRunning
GetConvertStg
CreateStreamOnHGlobal
CLSIDFromString

kernel32

FlushFileBuffers
LoadLibraryA
LoadResource
WriteFile
TlsGetValue
MapViewOfFile
SleepEx
FreeResource

msvcrt

__getmainargs
memchr
free
fflush
exit
__set_app_type
__p__commode
memset
strcmp
memmove

opengl32

wglDeleteContext
wglCreateContext
wglMakeCurrent

gdi32

SetPixelFormat
ChoosePixelFormat

Exports

Exports

Afn
Mxt
Roh
Sxc
Tbp
Uwq
Xmp
Zig

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dd75a8c068a6d5e7f799a6411273458

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

kernel32

msvcrt

opengl32

gdi32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 30KB - Virtual size: 32KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 30KB - Virtual size: 32KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB