178a8f7c37fd939d01a024f3dad5750e_JaffaCakes118

General

Target

178a8f7c37fd939d01a024f3dad5750e_JaffaCakes118
Size

136KB
MD5

178a8f7c37fd939d01a024f3dad5750e
SHA1

44de5d51e61821af8d2e5dd448c488f7a5f487b7
SHA256

0421a035b71c820b5b1f0cb67e28ce1c7f74ca065e2858de17f5d77b87fbee8f
SHA512

d622e9d8c66246c6e38c54f46ac29ca77231bbc88609709213ebb85bcf28166d8dc1a8734434a0e543d66c03a408796b87bf8e682fa792bcaee34092c323dd21
SSDEEP

3072:K4fxiwGQ/eojOFM0w9VrDq5QgTl+FGd18Zwf4OX:hpGQ/pO29leugQFGd1kwffX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
178a8f7c37fd939d01a024f3dad5750e_JaffaCakes118

Files

178a8f7c37fd939d01a024f3dad5750e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

e5dafa7a6062197f1296826da2022df4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

realloc
calloc
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
free
malloc
memcpy
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_stricmp

kernel32

UnhandledExceptionFilter
GetCurrentDirectoryW
ReadFile
SetFilePointer
CloseHandle
VirtualFree
LoadLibraryA
GetLastError
FreeLibrary
IsBadReadPtr
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
HeapAlloc
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
LockResource
LoadResource
SizeofResource
FindResourceW
DisableThreadLibraryCalls
GetModuleHandleW
GetProcAddress
VirtualAlloc
VirtualProtect
GetProcessHeap
HeapFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetModuleHandle
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5dafa7a6062197f1296826da2022df4

Headers

File Characteristics

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 88KB - Virtual size: 85KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 88KB - Virtual size: 85KB

.reloc
Size: 4KB - Virtual size: 1KB