8b1a59f907dd287e11ddb5d78c6f62dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b1a59f907dd287e11ddb5d78c6f62dc_JaffaCakes118
Size

254KB
MD5

8b1a59f907dd287e11ddb5d78c6f62dc
SHA1

4c3d24e47097d7fcf23e8b98eb030346646ec316
SHA256

b6d32a2ebf68347ca5760da8ce122b364d8943e907903e011cd3a9552869b07e
SHA512

c9cfd53a6dc95782f926cc6442997b070e4aafbdae90bda5cb83e2d2813ae13163a13eb6857523f6b2760d243f31a23c87eca9f49f4cd6fca513ccab755a8141
SSDEEP

6144:/AANPe9aDJCyyqwtxEz7FmAWitbdfwvSoK:YXtqw4zrPtbx/o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b1a59f907dd287e11ddb5d78c6f62dc_JaffaCakes118

Files

8b1a59f907dd287e11ddb5d78c6f62dc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fdbd4fb9d5545164cb5f1dc16b4bdedf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
DeregisterEventSource

ole32

CoTaskMemFree
CoInitializeEx
CoGetCallContext
CLSIDFromString
StgCreatePropStg

oleaut32

VariantInit
VarUI2FromUI4
VarI4FromI1
VarCyFromI2
VarBstrFromCy
SysAllocString

kernel32

WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualProtect
VirtualAlloc
VerifyVersionInfoW
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
RtlUnwind
CloseHandle
DebugBreak
DeleteCriticalSection
DeleteTimerQueueTimer
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FlushFileBuffers
FormatMessageA
FormatMessageW
GetACP
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapReAlloc
HeapUnlock
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalReAlloc
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile

Exports

Exports

ConfigureCall
CopyStrmPrmToRawObj
CreateFolder
EnumCustomFunctionSettingNext
EnumTvValueRelease
EventSynchronize
FlashImageItemProperty
Free
GetImageFormatAttribute
GetMaximumZoomPos
InitEx
MutexOperation
WGLGetDevice
WriteDevParamToRawEx

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdbd4fb9d5545164cb5f1dc16b4bdedf

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

ole32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 1024B - Virtual size: 109KB

.rsrc Size: 140KB - Virtual size: 140KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 1024B - Virtual size: 109KB

.rsrc
Size: 140KB - Virtual size: 140KB

.reloc
Size: 3KB - Virtual size: 3KB