5349dff95faf259f913995c1fe4c4f70_JaffaCakes118

General

Target

5349dff95faf259f913995c1fe4c4f70_JaffaCakes118
Size

187KB
MD5

5349dff95faf259f913995c1fe4c4f70
SHA1

9748d3bd6e7101c2ee87be3c4af5f9e4e365918c
SHA256

c17c01ecf180a0b470f46abeeb141783bf8a12b512da0c62932cb3a5d994b62c
SHA512

ff0610f345ff55bc938dcd836162a68e6fa54148a308ee503d6791a89ccb8ce2495bf488437340b5f383c09c7c42b71aac419221e6ac358b791df98160490488
SSDEEP

3072:+SJYmpVHgM1JqYilOe1GkcxsDCSHEZ6KjJ:+SJYmTAYPilOLODCUEZ1j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5349dff95faf259f913995c1fe4c4f70_JaffaCakes118

Files

5349dff95faf259f913995c1fe4c4f70_JaffaCakes118
.dll windows:4 windows x86 arch:x86

41f5e691597545b2180518617137cddc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedCompareExchange
GetConsoleMode
WriteConsoleW
BeginUpdateResourceW
GetStartupInfoA
LocalAlloc
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException

advapi32

StartServiceCtrlDispatcherA
LookupAccountSidA
RegOverridePredefKey
DeleteService
AccessCheckAndAuditAlarmA
DestroyPrivateObjectSecurity
GetSidSubAuthorityCount
StartServiceW
RegisterEventSourceA
CloseEncryptedFileRaw
ObjectCloseAuditAlarmA

Exports

Exports

WA1MPAcc2dessCompregsssion
WAMPAndroidDocument
WAMPDirectoryApp
WAMPDirectorySnow
WAMPFrozenParameter
WAMPGrep
WAMPMxemoryAl5gorithm
WAMPRippingMount

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41f5e691597545b2180518617137cddc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 5KB

.hdata Size: 75KB - Virtual size: 75KB

.rsrc Size: 72KB - Virtual size: 76KB

.reloc Size: 512B - Virtual size: 20KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 5KB

.hdata
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 72KB - Virtual size: 76KB

.reloc
Size: 512B - Virtual size: 20KB