95eb1a25f3ddd63d82bc4c6a43beefd5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

95eb1a25f3ddd63d82bc4c6a43beefd5_JaffaCakes118
Size

227KB
MD5

95eb1a25f3ddd63d82bc4c6a43beefd5
SHA1

9c5571efeafbcce6a4ba0ccee95ebaef522bb5bb
SHA256

76972f528fba9e84eeceefc39bf84d18c89c5d3678bd713acfa8af96a8bbfb5c
SHA512

ce08ab038984cc5aaeb513869cda9d85d4a9d43dda0c40ac7718f12b0c4a5812b3fb13c47b2b32b653eb2379b1da09fa005610adeb7fc3688613a42d13a92f67
SSDEEP

6144:jugufhlwwso3VCghKdq57A1Vb8BXU9qS0v84cfL7XS:ru7Go3VCgAdaSVIYqS0vof/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95eb1a25f3ddd63d82bc4c6a43beefd5_JaffaCakes118

Files

95eb1a25f3ddd63d82bc4c6a43beefd5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

23a774d7150aee56c747abde2b3208fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StgCreatePropStg
CoTaskMemFree
CoInitializeEx
CoGetCallContext
CLSIDFromString

advapi32

RegOpenKeyExA
RegCloseKey
DeregisterEventSource
RegQueryValueExA

oleaut32

VariantInit
VarUI2FromUI4
VarI4FromI1
VarCyFromI2
VarBstrFromCy
SysAllocString

kernel32

WaitForSingleObject
WideCharToMultiByte
WriteFile
VirtualAlloc
VirtualProtect
GetProcessPriorityBoost
VerifyVersionInfoW
VerSetConditionMask
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetStdHandle
CloseHandle
CreateSemaphoreA
CreateSemaphoreW
DebugBreak
DeleteCriticalSection
DeleteTimerQueueTimer
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
FormatMessageA
FormatMessageW
GetACP
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetFileSize
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalFree
HeapAlloc
HeapCreate
HeapFree
HeapLock
HeapReAlloc
HeapUnlock
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
LocalReAlloc
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
ReleaseSemaphore
RtlUnwind
SetConsoleTextAttribute
SetLastError

Exports

Exports

AddPicture2
EnumTvValueNext
GetDevice
GetLastError
Launch
Malloc
MemGetInfo
Memcpy2DToArray
ReadDevParamFromRAW
ReflectParamValues

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23a774d7150aee56c747abde2b3208fc

Headers

DLL Characteristics

File Characteristics

Imports

ole32

advapi32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 1024B - Virtual size: 90KB

.rsrc Size: 143KB - Virtual size: 143KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 1024B - Virtual size: 90KB

.rsrc
Size: 143KB - Virtual size: 143KB

.reloc
Size: 2KB - Virtual size: 1KB