aaf082987df70fe3951b3aae03d33ca2_JaffaCakes118

General

Target

aaf082987df70fe3951b3aae03d33ca2_JaffaCakes118
Size

248KB
MD5

aaf082987df70fe3951b3aae03d33ca2
SHA1

3de949127f1321a866b3e0b23f566f3d808fb09c
SHA256

ce56b2ed3e9405c20452b5e7d54ee213157a8ae1241ec0e3e106c1fa0ff47882
SHA512

ce7d6d53a60d33f5c7115585a1375110272c4b91621f525a0a58daa251e90ed1994cce87d5d6b6030a234773aee57f3e74799e452a77c24616291bce9b16c1b4
SSDEEP

6144:iHt/6XhC+H3ksSwJNou2+IZut6Y9gt/GDEJPypsalkFxlhO:iN/6xCCUAJNou2hutaEEJ6psBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaf082987df70fe3951b3aae03d33ca2_JaffaCakes118

Files

aaf082987df70fe3951b3aae03d33ca2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

749415d4e5a801e55e4723498f373d4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegDeleteKeyA

comctl32

PropertySheetA

kernel32

GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetDateFormatA
GetFileSizeEx
GetModuleHandleA
GetTapeParameters
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
LocalReAlloc
Module32FirstW
ReadFileEx
ReplaceFileW
FindFirstVolumeMountPointW
SetFileAttributesW
UnmapViewOfFile
VirtualProtectEx
lstrcatW
lstrlenA
AddConsoleAliasW
CompareFileTime
CreateJobObjectW
EnumDateFormatsExA
EnumDateFormatsExW
ExitProcess
ExpandEnvironmentStringsW

ntdll

RtlInitString
wcscpy
wcscspn
RtlDestroyEnvironment

ole32

CoTaskMemRealloc
OleCreateLinkToFile
StgCreateDocfile
CLSIDFromProgIDEx
CoGetClassVersion
CoRegisterMallocSpy

oleaut32

VariantCopyInd
VarDecNeg
VarDateFromDec
SafeArrayGetElemsize
SysStringLen
VarCyFromDec

imm32

ImmUnregisterWordA
ImmReleaseContext
ImmReSizeIMCC
ImmIsIME
ImmGetVirtualKey
ImmGetCompositionFontW
ImmEnumInputContext

Exports

Exports

ClearErrors
DVDMRWVRUnFinalizeDisc
GetAvailableDrives
GetAverageFileSize
GetDevice
GetDeviceOption
GetFunctions
GetObjectData
GetSupportParamValueHead
Memcpy2D
Memset3D

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

749415d4e5a801e55e4723498f373d4e

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

ntdll

ole32

oleaut32

imm32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB