d23c97345e1f7ea262f1282e4f4d8b67_JaffaCakes118

General

Target

d23c97345e1f7ea262f1282e4f4d8b67_JaffaCakes118
Size

248KB
MD5

d23c97345e1f7ea262f1282e4f4d8b67
SHA1

0c09d5186b33a3d6b822cef514ccc37d567ae224
SHA256

2e1321f8dfaf37abb0d3f1830bccb7be1ba8664da317f4b086875954ad137800
SHA512

1c903a028af7c022d08ebad1e6a898bda7a21f001f827514768a967f2097550f5e881f3a30a0ac3d045fc247f866ca949806d4b83936acc7bfd1394abb3cc64e
SSDEEP

6144:7lI9ZH7S/RFqAgHjUQzWBqJewGoeAQ+F8:7s7GRCIfAe4Q1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d23c97345e1f7ea262f1282e4f4d8b67_JaffaCakes118

Files

d23c97345e1f7ea262f1282e4f4d8b67_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f754d9f1c896a08f809e03a0e8b998ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfile
OleCreateLinkToFile
CoTaskMemRealloc
CoRegisterMallocSpy
CoGetClassVersion
CLSIDFromProgIDEx

imm32

ImmReleaseContext
ImmUnregisterWordA
ImmEnumInputContext
ImmGetCompositionFontW
ImmGetVirtualKey
ImmIsIME
ImmReSizeIMCC

oleaut32

SafeArrayGetElemsize
VarCyFromDec
VarDateFromDec
VarDecNeg
VariantCopyInd
SysStringLen

comctl32

PropertySheetA

ntdll

RtlInitString
wcscpy
wcscspn
RtlDestroyEnvironment

kernel32

lstrlenA
UnmapViewOfFile
VirtualProtectEx
ReplaceFileW
ReadFileEx
Module32FirstW
LocalReAlloc
IsBadWritePtr
IsBadReadPtr
InitializeCriticalSection
lstrcatW
HeapCreate
HeapAlloc
GlobalLock
GetVersionExA
GetTapeParameters
GetModuleHandleA
GetFileSizeEx
SetFileAttributesW
GetDateFormatA
GetCommandLineA
GetCommConfig
GetBinaryTypeA
AddConsoleAliasW
CompareFileTime
CreateJobObjectW
EnumDateFormatsExA
EnumDateFormatsExW
ExitProcess
ExpandEnvironmentStringsW
FindFirstVolumeMountPointW

advapi32

RegDeleteKeyA

Exports

Exports

BAOOpenFile
D3D9UnmapResources
GetLimitation
GetSupportParamValueHead

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f754d9f1c896a08f809e03a0e8b998ce

Headers

File Characteristics

Imports

ole32

imm32

oleaut32

comctl32

ntdll

kernel32

advapi32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB