4790fac6803a6abbac46942ce53b05d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4790fac6803a6abbac46942ce53b05d1_JaffaCakes118
Size

252KB
MD5

4790fac6803a6abbac46942ce53b05d1
SHA1

f045617fbd38cbe43348385bbaa6cec9e3dfb8b9
SHA256

af356012f384447bb10e11346192baf46a986e30894a56f591cd8a72be50f760
SHA512

53a9d6ee78879475312ac1907cba3cd70f497f43ba8fc1b381dce1834bc52f036f4fc1f6259322950bc10ad7c01edcf6eedf760f254ed49e674b252dfefbc888
SSDEEP

3072:PMkvNYYN0voSK/bl+e9lzpBscRaXNDRk/VDd6qFHDUMXuBF6Ibv2MLubnLdiq/xB:ZYk0gSKNtRWRk/b6uUMXuBbjEnLMqp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4790fac6803a6abbac46942ce53b05d1_JaffaCakes118

Files

4790fac6803a6abbac46942ce53b05d1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

511d35c6291630b284852735ff446739

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

PropertySheetA

ntdll

RtlDestroyEnvironment
RtlInitString

ole32

CoGetClassVersion
CoRegisterMallocSpy
CoTaskMemRealloc
OleCreateLinkToFile
StgCreateDocfile
CLSIDFromProgIDEx

advapi32

RegDeleteKeyA

imm32

ImmReleaseContext
ImmGetVirtualKey
ImmGetCompositionFontW
ImmEnumInputContext
ImmUnregisterWordA
ImmIsIME
ImmReSizeIMCC

oleaut32

VarDecNeg
VarDateFromDec
VarCyFromDec
SysStringLen
SafeArrayGetElemsize
VariantCopyInd

kernel32

IsBadReadPtr
InitializeCriticalSection
IsBadWritePtr
HeapAlloc
GlobalLock
GetVersionExA
GetTapeParameters
LocalReAlloc
Module32FirstW
ReadFileEx
ReplaceFileW
SetFileAttributesW
UnmapViewOfFile
VirtualProtectEx
lstrcatW
lstrlenA
HeapCreate
GetModuleHandleA
GetFileSizeEx
GetDateFormatA
GetCommandLineA
GetCommConfig
GetBinaryTypeA
AddConsoleAliasW
CompareFileTime
CreateJobObjectW
EnumDateFormatsExA
EnumDateFormatsExW
ExitProcess
ExpandEnvironmentStringsW
FindFirstVolumeMountPointW

Exports

Exports

CopyIsoItem
DVDMRWVRUnFinalizeDisc
EnumSupportedImageSizeNext
ExtractMyColorDataFromPrmStrm
GetAvailableDrives
GetAvailableDrivesEx
GetMCCustomCapCount
GetRelCamSettingDataCount
GetSupportParamItemNext
MemcpyAsync
SetExpectedAPIVersion
SetupArgument

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

511d35c6291630b284852735ff446739

Headers

File Characteristics

Imports

comctl32

ntdll

ole32

advapi32

imm32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 72KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 72KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB