eeaaa3854043d8e5082d542e79a4e93b_JaffaCakes118

General

Target

eeaaa3854043d8e5082d542e79a4e93b_JaffaCakes118
Size

248KB
MD5

eeaaa3854043d8e5082d542e79a4e93b
SHA1

3d277cae733547326b9cf3aecb252603b95c83e9
SHA256

2709cb2f371c914a5c012ae5f1dd5139cb0a8ea68ebe54d9419d982922e534a1
SHA512

e72a7d64c3cf1cdd47f3a3ff8d51bd010f3009b750f31fdbd253592dd5c3b6fa3011e4ee798eafd45577ddcc7ec64fab1bcb76d3e3162a881f4809a52a1780b0
SSDEEP

6144:+XBZ2uVMxMxrgY04r+W5eajBQdmYiTeyD7p3VkNJugJ2:6ZbMxMxrz+WMeQdmYiTZ7p36ruA2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eeaaa3854043d8e5082d542e79a4e93b_JaffaCakes118

Files

eeaaa3854043d8e5082d542e79a4e93b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d678afd4639f8bcac8b52192f4066d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegDeleteKeyA

oleaut32

VariantCopyInd
VarDateFromDec
SafeArrayGetElemsize
SysStringLen
VarCyFromDec
VarDecNeg

ole32

CoGetClassVersion
CoRegisterMallocSpy
CoTaskMemRealloc
OleCreateLinkToFile
StgCreateDocfile
CLSIDFromProgIDEx

imm32

ImmUnregisterWordA
ImmReleaseContext
ImmReSizeIMCC
ImmIsIME
ImmGetVirtualKey
ImmGetCompositionFontW
ImmEnumInputContext

kernel32

SetFileAttributesW
UnmapViewOfFile
VirtualProtectEx
lstrcatW
lstrlenA
AddConsoleAliasW
CompareFileTime
CreateJobObjectW
EnumDateFormatsExA
EnumDateFormatsExW
ExitProcess
ExpandEnvironmentStringsW
FindFirstVolumeMountPointW
GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetDateFormatA
GetFileSizeEx
GetModuleHandleA
GetTapeParameters
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
LocalReAlloc
Module32FirstW
ReadFileEx
ReplaceFileW

comctl32

PropertySheetA

ntdll

RtlInitString
RtlDestroyEnvironment

Exports

Exports

Done
EnumImageDataInItemNext
EnumImageItemPropertyReset

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d678afd4639f8bcac8b52192f4066d83

Headers

File Characteristics

Imports

advapi32

oleaut32

ole32

imm32

kernel32

comctl32

ntdll

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB