10a3748473d3c5c20c2742bf8f45d289_JaffaCakes118

General

Target

10a3748473d3c5c20c2742bf8f45d289_JaffaCakes118
Size

322KB
MD5

10a3748473d3c5c20c2742bf8f45d289
SHA1

c71b9639866ac6f12386d08cc867289ea5727222
SHA256

be6b75bf672d9bffd5e00a2e00d6ec98e26db5e7ab52f86a5690c4de3ebe6393
SHA512

090d9205a2785b0715fdc626ae1f1b52c5932a51bae08066def824a3fc9cb2ff14988ade10c4c8f0c5fe4c641334027d734854d10f81f05fadfc5c998a898a1f
SSDEEP

6144:kh9UdR9l1kw27+Rg+hhBpzqtib2iXD3AXjtVVK2xcsQpDoWOIaw:NdRDecgkvb2wwXRepDQM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a3748473d3c5c20c2742bf8f45d289_JaffaCakes118

Files

10a3748473d3c5c20c2742bf8f45d289_JaffaCakes118
.dll windows:4 windows x86 arch:x86

92dc953d46d1269f1eba7b12a99e9026

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VarFormatDateTime

winspool.drv

ClosePrinter

rpcrt4

I_RpcFree
I_RpcSsDontSerializeContext
NdrNonConformantStringMemorySize
NdrSimpleStructUnmarshall

shell32

DuplicateIcon
SHFormatDrive
SHGetSettings
WOWShellExecute
DragQueryPoint

kernel32

GetPriorityClass
lstrlenA
lstrcmpiA
WaitForMultipleObjectsEx
VirtualProtect
VirtualAlloc
SizeofResource
QueryPerformanceCounter
MulDiv
Module32First
LockResource
LoadResource
LoadLibraryExA
LoadLibraryA
IsProcessorFeaturePresent
CancelDeviceWakeupRequest
ExitProcess
FlushInstructionCache
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalFree
GlobalLock
InterlockedDecrement
InterlockedExchange
IsDBCSLeadByte

Exports

Exports

CheckVolumeTextureRequirements
CreatePatchMesh
GetImageInfoFromFileInMemory
GetImageInfoFromResourceW
LoadLayer
QuaternionSquad
Vec2TransformNormalArray

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92dc953d46d1269f1eba7b12a99e9026

Headers

File Characteristics

Imports

oleaut32

winspool.drv

rpcrt4

shell32

kernel32

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 147KB - Virtual size: 146KB

.data Size: 63KB - Virtual size: 63KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 147KB - Virtual size: 146KB

.data
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 2KB - Virtual size: 1KB