f50b6b88016e9a0f4e9f41aeeaf77543_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f50b6b88016e9a0f4e9f41aeeaf77543_JaffaCakes118
Size

325KB
MD5

f50b6b88016e9a0f4e9f41aeeaf77543
SHA1

1d8f45992e9221f3bf737ae5a9ddedd6da1959ae
SHA256

06e24038214ccd490a4e2b60ed8f9bf32c21c493e3cfca61f79ad47c49f608b0
SHA512

e6b84b124136f0680d1a23d616459e6d9b0177b944008e1f2730a878d21d45450fdc57deb767b36a6acfc60bbdb4de2aff2838b9fa4467eaee36b44eb96ba6bb
SSDEEP

6144:WMzZp0tEeXYkn8GRY6c26Qmo3e8tvGVnJkcFuAUdCeHo7vtqRXW19x5raSE9VhUq:vH0pXYgRYDafAnE9VhUJDgNnldt+MF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f50b6b88016e9a0f4e9f41aeeaf77543_JaffaCakes118

Files

f50b6b88016e9a0f4e9f41aeeaf77543_JaffaCakes118
.dll windows:4 windows x86 arch:x86

745c3072020bc5566ba3c3645cea59c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
FormatMessageA
GetACP
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
ExitProcess
HeapLock
HeapReAlloc
HeapUnlock
HeapWalk
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
LoadLibraryA
LocalAlloc
LocalReAlloc
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
lstrcpynA
EnterCriticalSection
DisableThreadLibraryCalls
DeleteTimerQueueTimer
HeapFree
CloseHandle

ole32

CoInitializeEx
CLSIDFromString
CoTaskMemFree

oleaut32

VarBstrFromCy
VarCyFromI2
VarI4FromI1
VarUI2FromUI4
VariantInit
SysAllocString

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
DeregisterEventSource

Exports

Exports

ActViewfinderAutoFunctions
AddPicture2
CreateIsoItemOfSize
D3D10ResourceGetMappedArray
FreeHost
GetDevicePropertyCount
GetMCCustomItemDataCount
Memcpy2DAsync
SetDesiredUDFRevision
StreamDestroy
WriteDevParamToRAW

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

745c3072020bc5566ba3c3645cea59c8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 157KB - Virtual size: 156KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 157KB - Virtual size: 156KB

.reloc
Size: 3KB - Virtual size: 3KB