3075bc6ff65acf5a352a71c61be5aad9_JaffaCakes118

General

Target

3075bc6ff65acf5a352a71c61be5aad9_JaffaCakes118
Size

260KB
MD5

3075bc6ff65acf5a352a71c61be5aad9
SHA1

441cb1bfe71479f9f09319180093a5c8099fa5dc
SHA256

7a54a1bb1ff6c0f54dbd217ac931bcae6af570855df77e09ce4c3e60fcb43b41
SHA512

72a76a7f3cf7887adbbd39d4b3fffafd3a6a04b311a05d8b186963ab670803c1f5239fb90143c48caa987c0a4f4c0681648a30133b9713cbc05879d366141eb5
SSDEEP

6144:mWIDnGeE9MEEYFcvObGFa7iEj4p6+TUHDpwKmVGRZZfz:mWmGrTEPFS+oHDCKWEZ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3075bc6ff65acf5a352a71c61be5aad9_JaffaCakes118

Files

3075bc6ff65acf5a352a71c61be5aad9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

17a69ee85fc54be0bfbd8331611e21a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegDeleteKeyA

oleaut32

VarDecNeg
VarDateFromDec
VariantCopyInd
SysStringLen
SafeArrayGetElemsize
VarCyFromDec

kernel32

EnumDateFormatsExA
EnumDateFormatsExW
ExitProcess
ExpandEnvironmentStringsW
FindFirstVolumeMountPointW
GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetDateFormatA
GetFileSizeEx
GetModuleHandleA
GetTapeParameters
GetVersionExA
CreateJobObjectW
HeapAlloc
HeapCreate
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
LocalReAlloc
Module32FirstW
ReadFileEx
ReplaceFileW
SetFileAttributesW
UnmapViewOfFile
VirtualProtectEx
lstrcatW
lstrlenA
CompareFileTime
AddConsoleAliasW
GlobalLock

ole32

CoGetClassVersion
CoRegisterMallocSpy
StgCreateDocfile
OleCreateLinkToFile
CoTaskMemRealloc
CLSIDFromProgIDEx

imm32

ImmUnregisterWordA
ImmReleaseContext
ImmReSizeIMCC
ImmIsIME
ImmGetCompositionFontW
ImmGetVirtualKey
ImmEnumInputContext

comctl32

PropertySheetA

ntdll

wcscpy
wcscspn
RtlInitString
RtlDestroyEnvironment

Exports

Exports

D3D10ResourceSetMapFlags
EnumDevicePropertyNext
EnumMCCustomCapReset
GetErrorLog
GetFunctions_i
GraphicsUnregisterResource
SetDoubleForDevice
ThreadExit
UnFocusRAWObject

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17a69ee85fc54be0bfbd8331611e21a9

Headers

File Characteristics

Imports

advapi32

oleaut32

kernel32

ole32

imm32

comctl32

ntdll

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 176KB

.data Size: 72KB - Virtual size: 100KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 176KB - Virtual size: 176KB

.data
Size: 72KB - Virtual size: 100KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB