0233594508f9eed38ccbc384c6c02a3f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0233594508f9eed38ccbc384c6c02a3f_JaffaCakes118
Size

407KB
MD5

0233594508f9eed38ccbc384c6c02a3f
SHA1

e3ad69324e72e82369a277365647b2e8c3376d53
SHA256

71ccea94de9002a0018dee67a420fa22045538e6f17a69e45e83bf4cd8ffeae7
SHA512

a3ecd28ea5a2a58be6b4daa38c666533a26b8179ac145492dae9699ea49d4c951da06baefa513912e9c4a5883cda77d7f20cc4fd4d1e10b294c5ebc5796a4f15
SSDEEP

6144:QolKJaQShWZR7c/wqLvZkoUcLz3HCPEoK6Rsn3vyaajnkBVHQm1KMedAo/Lvv0S9:LPkG3yRadCAABwPd+iTy2Pa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0233594508f9eed38ccbc384c6c02a3f_JaffaCakes118

Files

0233594508f9eed38ccbc384c6c02a3f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

32f4acfb24ede7adda4a00875e7001b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FlushFileBuffers
FormatMessageA
FormatMessageW
GetACP
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
DisableThreadLibraryCalls
HeapLock
HeapReAlloc
HeapUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalReAlloc
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
DeleteTimerQueueTimer
DeleteCriticalSection
DebugBreak
HeapFree
CloseHandle

ole32

CoInitializeEx
CoTaskMemFree
CLSIDFromString

advapi32

DeregisterEventSource
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

oleaut32

VarBstrFromCy
VariantInit
VarUI2FromUI4
VarI4FromI1
SysAllocString
VarCyFromI2

Exports

Exports

D3D10ResourceSetMapFlags
EnumShootingModeRelease
GetDZoomMagnification
GetMCCustomSetNumberCount
GetRelCamSettingCount
GraphicsSubResourceGetMappedArray
SetExpectedAPIVersion

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32f4acfb24ede7adda4a00875e7001b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 187KB - Virtual size: 187KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 155KB - Virtual size: 155KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 187KB - Virtual size: 187KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 155KB - Virtual size: 155KB

.reloc
Size: 3KB - Virtual size: 3KB