2e897a4f7fedef682cc585c572a5c961_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e897a4f7fedef682cc585c572a5c961_JaffaCakes118
Size

240KB
MD5

2e897a4f7fedef682cc585c572a5c961
SHA1

7878881bc7495c92e389bf2a66d96ca934ceece0
SHA256

591ceea800973eda2414aa288140603e4b4ae40fc58649b6d80d8d093463d75a
SHA512

ce52b01a870439ba17417fc1de70046041704ad489bfd09b2090f8ad60e353fd3e73fd77db3d30202b40040d2efab0d5c974ddd7671186a18aa9c4c161431252
SSDEEP

6144:paLg8MosOqUeDkxd5Ja+cKuhpD1hPryNj7I+A:0LM2eDkxd5s55hpDDTaj0+A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e897a4f7fedef682cc585c572a5c961_JaffaCakes118

Files

2e897a4f7fedef682cc585c572a5c961_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dd1a8b619a9777aad62ccef1101ff602

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SafeArrayGetElemsize
VarCyFromDec
VarDateFromDec
VarDecNeg
VariantCopyInd
SysStringLen

kernel32

ExpandEnvironmentStringsW
FindFirstVolumeMountPointW
GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetDateFormatA
GetFileSizeEx
GetModuleHandleA
GetTapeParameters
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
ExitProcess
IsBadReadPtr
IsBadWritePtr
LocalReAlloc
Module32FirstW
ReadFileEx
ReplaceFileW
SetFileAttributesW
UnmapViewOfFile
VirtualProtectEx
lstrcatW
lstrlenA
EnumDateFormatsExW
EnumDateFormatsExA
CreateJobObjectW
CompareFileTime
AddConsoleAliasW
InitializeCriticalSection

ole32

CoGetClassVersion
StgCreateDocfile
CoTaskMemRealloc
OleCreateLinkToFile
CLSIDFromProgIDEx
CoRegisterMallocSpy

ntdll

RtlInitString
wcscpy
wcscspn
RtlDestroyEnvironment

comctl32

PropertySheetA
CreatePropertySheetPageA

advapi32

RegDeleteKeyA

imm32

ImmGetCompositionFontW
ImmReSizeIMCC
ImmReleaseContext
ImmUnregisterWordA
ImmGetVirtualKey
ImmIsIME
ImmEnumInputContext

Exports

Exports

ClearErrors
DVDMRWVRUnFinalizeDisc
GetAvailableDrives
GetAverageFileSize
GetDevice
GetDeviceOption
GetFunctions
GetObjectData
GetSupportParamValueHead
Memcpy2D
Memset3D

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd1a8b619a9777aad62ccef1101ff602

Headers

File Characteristics

Imports

oleaut32

kernel32

ole32

ntdll

comctl32

advapi32

imm32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 156KB

.data Size: 72KB - Virtual size: 120KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 156KB - Virtual size: 156KB

.data
Size: 72KB - Virtual size: 120KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB