75388ad2a32376b51ba2bf2a7f838d74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75388ad2a32376b51ba2bf2a7f838d74_JaffaCakes118
Size

246KB
MD5

75388ad2a32376b51ba2bf2a7f838d74
SHA1

a3788d8e02ddec7a7b51c28925c8368987513f14
SHA256

37b8028fd6cf9ee149a36523535287d5cf735c27eb4e0810af46895dee73ad93
SHA512

077876e189fa553ce1d95d2c0541f5b9ca3bcc451a0c23c404134d31c2e37af4fd8025144824bfc6c804311abc1ff598deab7478339e082204d8b7fb7f7cb71e
SSDEEP

6144:uPsi7eRm2Gx8Od7DhCH5RXskiJS1TgLieKmACTNvjsJV8:uPht2Zg4Hz8kjBBCNo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75388ad2a32376b51ba2bf2a7f838d74_JaffaCakes118

Files

75388ad2a32376b51ba2bf2a7f838d74_JaffaCakes118
.dll windows:4 windows x86 arch:x86

886e208b1c27c63a3536abc86b3842a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StgCreatePropStg
CoTaskMemFree
CoInitializeEx
CoGetCallContext
CLSIDFromString

oleaut32

VariantInit
VarUI2FromUI4
VarI4FromI1
VarCyFromI2
VarBstrFromCy
SysAllocString

advapi32

RegOpenKeyExA
RegCloseKey
DeregisterEventSource
RegQueryValueExA

kernel32

VirtualAlloc
VerifyVersionInfoW
UnhandledExceptionFilter
VirtualProtect
Sleep
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
WaitForSingleObject
WideCharToMultiByte
WriteFile
TerminateProcess
GetProcAddress
CloseHandle
CreateFileW
CreateSemaphoreA
DebugBreak
DeleteCriticalSection
DeleteTimerQueueTimer
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
FormatMessageA
FormatMessageW
GetACP
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapReAlloc
HeapUnlock
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
LocalReAlloc
MultiByteToWideChar
QueryPerformanceCounter
ReleaseSemaphore
RtlUnwind

Exports

Exports

BAOWriteToFile
ConvertToExifTiff
CreateIsoTrack
D3D10UnmapResources
D3D9ResourceGetMappedArray
D3D9ResourceGetSurfaceDimensions
EnumDevicePropertyRelease
GLUnmapBufferObject
GetExtendedDeviceInfo
ReflectParamValues

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

886e208b1c27c63a3536abc86b3842a5

Headers

DLL Characteristics

File Characteristics

Imports

ole32

oleaut32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 1024B - Virtual size: 185KB

.rsrc Size: 144KB - Virtual size: 143KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 1024B - Virtual size: 185KB

.rsrc
Size: 144KB - Virtual size: 143KB

.reloc
Size: 3KB - Virtual size: 2KB