2d5c3242efc9df56e9553de0a48bd077_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d5c3242efc9df56e9553de0a48bd077_JaffaCakes118
Size

248KB
MD5

2d5c3242efc9df56e9553de0a48bd077
SHA1

31348ebee40b5003fb0a5b401df68d3133e38cc8
SHA256

aa9c6055d98483ce1f302e63aafc30744dee55ad91ebd7e75e76dc825e0dfb56
SHA512

66aad972b2a197aaaa55628f52bb12439ca1a38b3f6352adfe1662245848727075affdbd86ae8646c30975210e3023f41f068081f99245d2c71d80686c276d75
SSDEEP

6144:xaW3ItSlucUeyD615sFCd2MhJXXD92qUuIo1h6TJO5xyYvpDn5T5sQu:xasISCu1uMbXz0xXomVaxrpDn15sQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d5c3242efc9df56e9553de0a48bd077_JaffaCakes118

Files

2d5c3242efc9df56e9553de0a48bd077_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6adbb5a93f0a774b5fa0c87b532ed9db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StgCreateDocfile
OleCreateLinkToFile
CoTaskMemRealloc
CoRegisterMallocSpy
CoGetClassVersion
CLSIDFromProgIDEx

kernel32

ExitProcess
ExpandEnvironmentStringsW
FindFirstVolumeMountPointW
GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetDateFormatA
GetFileSizeEx
GetModuleHandleA
GetTapeParameters
GetVersionExA
GlobalLock
HeapAlloc
EnumDateFormatsExW
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
LocalReAlloc
Module32FirstW
ReadFileEx
ReplaceFileW
EnumDateFormatsExA
SetFileAttributesW
UnmapViewOfFile
VirtualProtectEx
lstrcatW
lstrlenA
CreateJobObjectW
CompareFileTime
AddConsoleAliasW
HeapCreate

advapi32

RegDeleteKeyA

oleaut32

VarDateFromDec
VarDecNeg
VariantCopyInd
SysStringLen
SafeArrayGetElemsize
VarCyFromDec

comctl32

PropertySheetA

imm32

ImmGetVirtualKey
ImmUnregisterWordA
ImmIsIME
ImmReSizeIMCC
ImmGetCompositionFontW
ImmEnumInputContext
ImmReleaseContext

ntdll

RtlInitString
wcscpy
wcscspn
RtlDestroyEnvironment

Exports

Exports

ConvertToDCFeX
D3D9ResourceGetMappedArray
DeleteImage
EnumDriveModeReset
EnumImageItemPropertyNext
EventCreateWithFlags
GLUnmapBufferObject
GetDeviceCount
GetFile2
Init
ReadAtCapDevParamFromRAW
StreamDestroy
WriteDevParamToRawEx

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6adbb5a93f0a774b5fa0c87b532ed9db

Headers

File Characteristics

Imports

ole32

kernel32

advapi32

oleaut32

comctl32

imm32

ntdll

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB