45128e55151f91146253686cdc13a8cd_JaffaCakes118

General

Target

45128e55151f91146253686cdc13a8cd_JaffaCakes118
Size

248KB
MD5

45128e55151f91146253686cdc13a8cd
SHA1

4f2e92b352df73b04a23048bbff1a062385295fb
SHA256

a7fbbcab1c3cb288a231dc33c42f4b786b6db548ae48bbb5894905718aa7933e
SHA512

4f073474bca277841c114b32c4de5de9917921c099f8a486c479c96912d6637f9ca352febe745f67b95b400ce979491a03b1c22446e8d5607285006347959f9e
SSDEEP

6144:uZSJgheVSPm9G0hWd2AQxXL0R6sPfaD37158RZc:WfqSPQAdm+3Pfq37MRZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45128e55151f91146253686cdc13a8cd_JaffaCakes118

Files

45128e55151f91146253686cdc13a8cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ff379200b6a7415fa36037a1ca7e9da2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imm32

ImmGetCompositionFontW
ImmUnregisterWordA
ImmReSizeIMCC
ImmIsIME
ImmGetVirtualKey
ImmReleaseContext
ImmEnumInputContext

comctl32

PropertySheetA

advapi32

RegDeleteKeyA

kernel32

AddConsoleAliasW
CompareFileTime
CreateJobObjectW
EnumDateFormatsExA
EnumDateFormatsExW
ExitProcess
ExpandEnvironmentStringsW
FindFirstVolumeMountPointW
GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetDateFormatA
GetFileSizeEx
GetModuleHandleA
GetTapeParameters
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
LocalReAlloc
Module32FirstW
ReadFileEx
ReplaceFileW
SetFileAttributesW
UnmapViewOfFile
VirtualProtectEx
lstrcatW
lstrlenA

ole32

StgCreateDocfile
OleCreateLinkToFile
CoTaskMemRealloc
CoRegisterMallocSpy
CoGetClassVersion
CLSIDFromProgIDEx

oleaut32

VarCyFromDec
VarDateFromDec
SysStringLen
SafeArrayGetElemsize
VariantCopyInd
VarDecNeg

ntdll

wcscpy
wcscspn
RtlInitString
RtlDestroyEnvironment

Exports

Exports

ClearErrors
CreateFolder
EnumBaseImageDataPropertyRelease
EnumFileInItemRelease
MallocPitch
UnregisterDriveChangeCallback

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff379200b6a7415fa36037a1ca7e9da2

Headers

File Characteristics

Imports

imm32

comctl32

advapi32

kernel32

ole32

oleaut32

ntdll

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB