JaffaCakes118_6ad957f406dc66c177305ddb8e4835d4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6ad957f406dc66c177305ddb8e4835d4
Size

204KB
MD5

6ad957f406dc66c177305ddb8e4835d4
SHA1

2bb10f3d57453f25d04a19b3144a6222b0e87b67
SHA256

5a6b6ac9e464c4aa636974812118afbf645cf26ae7eb7b471d3f7a9d27274ae3
SHA512

1439071c27e0ad078a91e2170b170a2613c83098e7583dce2221261fe6e8d0a964493b41753ec277eecc9a16e34ac92ac95d410c638241842cb406571ca74fc1
SSDEEP

6144:2n8FEvxNiItcpYQxcvJU3+aCCJUf7mfv9u:PF2iEX+cvsrCC2f7mnk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6ad957f406dc66c177305ddb8e4835d4

Files

JaffaCakes118_6ad957f406dc66c177305ddb8e4835d4
.dll windows:4 windows x86 arch:x86

f58ee120efe3add1dac8901c8a7e3009

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

DefDriverProc
timeGetTime
DriverCallback

kernel32

FreeLibrary
GetModuleHandleA
GetProcAddress
CreateEventA
LoadLibraryA
VirtualFree
VirtualAlloc
OutputDebugStringA
InitializeCriticalSection
DeviceIoControl
WaitForSingleObject
GetLastError
ExitThread
SetEvent
ResumeThread
SetThreadPriority
CreateThread
WaitForMultipleObjectsEx
LocalFree
LocalAlloc
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
CloseHandle
GetOverlappedResult
DeleteCriticalSection
EnterCriticalSection

user32

DefWindowProcA
GetClientRect
PostQuitMessage
RegisterClassA
GetMessageA
GetWindowRect
SetForegroundWindow
CreateWindowExA
LoadCursorA
GetWindowLongA
DispatchMessageA
EnableWindow
wsprintfA
SetWindowTextA
ShowWindow
LoadStringA
MessageBoxA
GetDlgItem
SendMessageA
GetClassInfoA
UnregisterClassA
GetParent
IsWindowEnabled
SetWindowLongA
WinHelpA
FindWindowA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA

comctl32

PropertySheetA
ord17
CreatePropertySheetPageA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance
CoUninitialize

oleaut32

OleCreatePropertyFrame
SysFreeString

ksuser

KsCreatePin

msvcrt

??3@YAXPAX@Z
strtol
??2@YAPAXI@Z
_purecall
__CxxFrameHandler
wcscmp
free
_initterm
_adjust_fdiv
malloc

Exports

Exports

DllMain
DriverProc
VfwWdm

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f58ee120efe3add1dac8901c8a7e3009

Headers

File Characteristics

Imports

winmm

kernel32

user32

advapi32

comctl32

ole32

oleaut32

ksuser

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 1KB

.text Size: 132KB - Virtual size: 132KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 132KB - Virtual size: 132KB