32bdc96faf0876ad8aa80900c7b38376_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32bdc96faf0876ad8aa80900c7b38376_JaffaCakes118
Size

314KB
MD5

32bdc96faf0876ad8aa80900c7b38376
SHA1

ed435a67e626e83d49f6a44f0b64b79a69cf9fb4
SHA256

3e5ab3f03ab25e81d49126c76229a659c716f37d0f0583508ca3ea032cbfcc64
SHA512

bb290c4871ab5ebcb90fd67cfb7d90e3739961c9d3acb294dba6b5e6fb3cde50436ea220e4bdbefd5637f408b7706a6eedb675d929b5717dedc0a838b96ab452
SSDEEP

6144:AsQ70UoY66wgSR0phrcmCy80/LzAHGcTiLbXMekhM08NCqZZr3D3tF4gNla0AkSR:AIdjs/Q3XWCUDvU0jcp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32bdc96faf0876ad8aa80900c7b38376_JaffaCakes118

Files

32bdc96faf0876ad8aa80900c7b38376_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d62581f4dd3479d812a2d4aabbc527c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantInit
VarBstrFromCy
VarCyFromI2
VarI4FromI1
SysAllocString
VarUI2FromUI4

advapi32

RegOpenKeyExA
RegCloseKey
DeregisterEventSource
RegQueryValueExA

ole32

CoInitializeEx
CoTaskMemFree
CLSIDFromString

kernel32

UnmapViewOfFile
WaitForSingleObject
WideCharToMultiByte
WriteFile
VirtualAlloc
VirtualProtect
GetSystemInfo
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
CloseHandle
CreateThread
DebugBreak
DeleteCriticalSection
DeleteTimerQueueTimer
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FormatMessageA
GetACP
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalAlloc
GlobalFree
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalReAlloc
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
RtlUnwind
ScrollConsoleScreenBufferA
SetLastError
SetStdHandle

Exports

Exports

CreateEffectFromResourceExW
CreateFontIndirectA
SHEvalDirectionalLight
SHEvalHemisphereLight
SplitMesh
VecAddFontMapper
mpegInFree
mpegSplitOpenFile
mpegSplitSeekTimeTS

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d62581f4dd3479d812a2d4aabbc527c3

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 156KB - Virtual size: 155KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 156KB - Virtual size: 155KB

.reloc
Size: 1KB - Virtual size: 1KB