d3b88e73ef94d646fc4e6ec12911af01_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3b88e73ef94d646fc4e6ec12911af01_JaffaCakes118
Size

244KB
MD5

d3b88e73ef94d646fc4e6ec12911af01
SHA1

3f847eee537eee287b371ab273ebc276d0e69833
SHA256

aa9d1dd6dc42ec57a4b9ab37a2c5ca975ad06e6922c82d8a34cc75c92727cc09
SHA512

7184cc85afad5bade6a8b02ef732b19ac44c250ab113b3d8c30541c22d1616155c5b4202c62d29f6803023e95c54a64412d63cc0318b143f7477a9ccbcd0c4a1
SSDEEP

6144:l6ljzrtkQsMtnTGEIt6F21s463OWaUKf1oly5Lcs0gaoTNi:IlLtntyEIg2P6KUw1oHsiP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3b88e73ef94d646fc4e6ec12911af01_JaffaCakes118

Files

d3b88e73ef94d646fc4e6ec12911af01_JaffaCakes118
.dll windows:4 windows x86 arch:x86

905b3e0081387a0a7d0252ab327b3806

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imm32

ImmIsIME
ImmUnregisterWordA
ImmGetVirtualKey
ImmGetCompositionFontW
ImmReleaseContext
ImmReSizeIMCC
ImmEnumInputContext

oleaut32

VarDecNeg
VarDateFromDec
VariantCopyInd
SysStringLen
SafeArrayGetElemsize
VarCyFromDec

comctl32

PropertySheetA

ole32

CoGetClassVersion
CoRegisterMallocSpy
CoTaskMemRealloc
OleCreateLinkToFile
StgCreateDocfile
CLSIDFromProgIDEx

advapi32

RegDeleteKeyA

kernel32

VirtualProtectEx
SetFileAttributesW
lstrcatW
lstrlenA
ReplaceFileW
UnmapViewOfFile
AddConsoleAliasW
CompareFileTime
CreateJobObjectW
EnumDateFormatsExA
EnumDateFormatsExW
ExitProcess
ExpandEnvironmentStringsW
FindFirstVolumeMountPointW
GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetDateFormatA
GetFileSizeEx
GetModuleHandleA
GetTapeParameters
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
LocalReAlloc
Module32FirstW
ReadFileEx

ntdll

wcscpy
wcscspn
RtlInitString
RtlDestroyEnvironment

Exports

Exports

BindTexture
D3D9UnmapVertexBuffer
EnumFileInItemRelease
EnumImageFormatAttributeReset
EnumTvValueReset
GetCDInfo
GetExposureComp
GetFile
GetFileHeader
GraphicsUnmapResources
IsoTrackSetBootOptions
Memset2D
SetAllParamValueToAtCapture
StreamDestroy

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

905b3e0081387a0a7d0252ab327b3806

Headers

File Characteristics

Imports

imm32

oleaut32

comctl32

ole32

advapi32

kernel32

ntdll

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 72KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 72KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB