JaffaCakes118_b0513a2e9f11f2ebc7d739e84f9f9b98

General

Target

JaffaCakes118_b0513a2e9f11f2ebc7d739e84f9f9b98
Size

195KB
MD5

b0513a2e9f11f2ebc7d739e84f9f9b98
SHA1

6b6cb092ee713f0caeebabec1fb855c95dc78445
SHA256

e7d2e3ede3d3f5c6a83e124f853b69f535c261c47f1cf03e5d0aac518568966a
SHA512

a9abf6abb993b9fb0baa9edf5a02da0be5af38e404021b9e0483b7af49f0c50aa2529c2a4b567f623a050b218cb94312224f3b7d4260d49e48598a0b6c982123
SSDEEP

3072:5A2UsplBHR7MBcf/UAZ7M37Dbnz4j4hEvDAPxTgSkRRq4YT+R+SrPI//ou77Z:q2UIuyfvZE7v8j4hzgSWrwY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b0513a2e9f11f2ebc7d739e84f9f9b98

Files

JaffaCakes118_b0513a2e9f11f2ebc7d739e84f9f9b98
.dll windows:4 windows x86 arch:x86

2bfb30d258d62ef3f98823b697134583

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
ExitProcess
FatalAppExitA
FlushFileBuffers
FreeLibrary
GetACP
GetCommandLineA
GetCurrentProcess
GetLocaleInfoW
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStdHandle
GetVersion
HeapAlloc
HeapCreate
HeapReAlloc
InitializeCriticalSection
MultiByteToWideChar
OpenProcess
RtlUnwind
SetEvent
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
WriteConsoleW
WriteFile
lstrlenA

user32

SetMenuItemInfoA
SetCapture
RemoveMenu
RegisterWindowMessageA
LoadImageA
LoadAcceleratorsA
CreateMenu
CallWindowProcA

ole32

StringFromGUID2
CoBuildVersion
CoCreateInstance
CoTaskMemFree
CreateAntiMoniker

advapi32

ImpersonateNamedPipeClient
GetAuditedPermissionsFromAclW

opengl32

glVertex3fv
glRasterPos4sv
glIndexd

Exports

Exports

MemcpyToArrayAsync

Sections

.text
Size: 129KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

2bfb30d258d62ef3f98823b697134583

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

opengl32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 216KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 129KB - Virtual size: 216KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 4KB