0c42bd659d5be5b21379923c840b274f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c42bd659d5be5b21379923c840b274f_JaffaCakes118
Size

331KB
MD5

0c42bd659d5be5b21379923c840b274f
SHA1

b3441c6379f6556c807dc5a762febb830c96e9a6
SHA256

d3480205fa153b286584340a1696bc8124cb396c017080c13b842ba59c315efa
SHA512

a1fb96f1cc981f5fa0e0f1ea1232b3b54c80c65f8b2d358082aaeebc41f69952214156b8585dc64e1486433bbeaed57c53f353e47dcf2dde7bec94c9e5b3d93d
SSDEEP

6144:bAuMG6GRXe/aTV90sAumpKWehEcRJzCQgCJa4k3CpUkO2KqUsxA:bbjJV9Xzv/pnzCNIRi/2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c42bd659d5be5b21379923c840b274f_JaffaCakes118

Files

0c42bd659d5be5b21379923c840b274f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

aebcd193f51ef0609a091a0191d6b6a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetDesktopFolder
SHExtractIconsW
SHChangeNotify
DragQueryPoint
SHLoadInProc
DragQueryFileA

kernel32

IsDBCSLeadByte
lstrlenA
lstrcpynA
lstrcmpA
WaitForMultipleObjectsEx
VirtualProtect
CancelDeviceWakeupRequest
DeleteTimerQueueTimer
EnterCriticalSection
ExitProcess
FindResourceA
FlushInstructionCache
FreeLibrary
GetACP
GetCurrentProcessId
GetCurrentThreadId
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
VirtualFree
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
Module32First
MulDiv
MultiByteToWideChar
ProcessIdToSessionId
PurgeComm
QueryPerformanceCounter
SetPriorityClass
SetSystemTime
VirtualAlloc

version

VerFindFileA
VerFindFileW
GetFileVersionInfoA

netapi32

NetRenameMachineInDomain

security

EncryptMessage
SealMessage
RevertSecurityContext
FreeContextBuffer
CompleteAuthToken

Exports

Exports

ComputeIMTFromTexture
CreateLine
LoadFileOffset
MatrixPerspectiveOffCenterRH
SHRotate
SaveBitmap
SaveData
Vec3Project
Vec3TransformNormal
VecFeedLoad
mpegInUpdateFiles

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aebcd193f51ef0609a091a0191d6b6a5

Headers

File Characteristics

Imports

shell32

kernel32

version

netapi32

security

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 139KB - Virtual size: 138KB

.data Size: 66KB - Virtual size: 67KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 139KB - Virtual size: 138KB

.data
Size: 66KB - Virtual size: 67KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 3KB - Virtual size: 2KB