15456ba48edd85d253aa9f1e3860af33_JaffaCakes118

General

Target

15456ba48edd85d253aa9f1e3860af33_JaffaCakes118
Size

365KB
MD5

15456ba48edd85d253aa9f1e3860af33
SHA1

d62d9f2be62b2e44ab62120a54a5bb3cbbbd15fe
SHA256

bbbe65ded7c126b2b019addf2db0ecb1c5b1b958bdfc2f1072d06abec2fe04a6
SHA512

bdb13efc6ca0a64fc41697654e5b13dd401b87c52f26b77ef14d2abe964ddd92f9ec4876b186e2cd7e3e0b26e3c20699496093454b512d3fccc5b491b8963a83
SSDEEP

6144:tCVsBThivf5hNQj/WPPCQp4KlYVA1+lvkJONBq9gnJoqEyfE0I/5BgeGS:Bo35hNQj/gvKKGVA1+vkgByg1fE0Ter

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15456ba48edd85d253aa9f1e3860af33_JaffaCakes118

Files

15456ba48edd85d253aa9f1e3860af33_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b57d13133806303ddbf23debff061b47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
ImpersonateAnonymousToken

ole32

CoTaskMemFree
StringFromCLSID

kernel32

lstrlenW
WideCharToMultiByte
WaitForSingleObject
CloseHandle
CreateFileA
CreateProcessA
DeleteCriticalSection
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessPriorityBoost
GetShortPathNameA
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalUnWire
HeapReAlloc
InitializeCriticalSection
InterlockedExchange
LoadLibraryA
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAlloc

Exports

Exports

AssembleShaderFromResourceA
LoadMemory
LoadVolumeFromFileInMemory
MatrixDeterminant
MatrixReflect
StringToAddress
mpegInOpenMPEGIdx
mpegInOpenTSFile

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b57d13133806303ddbf23debff061b47

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 161KB - Virtual size: 161KB

.data Size: 69KB - Virtual size: 70KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 161KB - Virtual size: 161KB

.data
Size: 69KB - Virtual size: 70KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 5KB - Virtual size: 4KB