e7ee6b8baba20fd3d1899b66ae3565c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e7ee6b8baba20fd3d1899b66ae3565c4_JaffaCakes118
Size

114KB
MD5

e7ee6b8baba20fd3d1899b66ae3565c4
SHA1

873a9aca0194bfab3b956c823b5eae50ecafc5cb
SHA256

5fbab02e1be6e611951ae2fa59ddfab8b179d620443cba098b84b347f491f19e
SHA512

fe8e5f8ff0907984c24545d24e317cd7fce1312925a59f5dcc52c51174ccd575f3f665a186d46673337e4d92c29c6951d6d03a8fbd0bb801e0036e7ce60355cf
SSDEEP

1536:x5XQ/6vrFSjIOAXlmsiaMMnJfibl0YwoFYOEf7wDCIiauJfXl8XlbZ:7XG6vQXARMYfgCUY1fMDeauJfGH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7ee6b8baba20fd3d1899b66ae3565c4_JaffaCakes118

Files

e7ee6b8baba20fd3d1899b66ae3565c4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d475e95c6b10d3192e7427260f9f2a02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetLastError
LoadLibraryA
FreeLibrary
InterlockedIncrement
InterlockedDecrement
lstrcmpiA
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
lstrlenA
SetUnhandledExceptionFilter

ole32

HWND_UserSize
HWND_UserMarshal
HWND_UserUnmarshal
HWND_UserFree
CoRegisterPSClsid
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoUninitialize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 89KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abss
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdat
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 169B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d475e95c6b10d3192e7427260f9f2a02

Headers

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 160KB

.abss Size: - Virtual size: 192KB

.data Size: 8KB - Virtual size: 8KB

.rdat Size: 8KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 169B

.idata Size: 1024B - Virtual size: 966B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 224B

.text
Size: 89KB - Virtual size: 160KB

.abss
Size: - Virtual size: 192KB

.data
Size: 8KB - Virtual size: 8KB

.rdat
Size: 8KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 169B

.idata
Size: 1024B - Virtual size: 966B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 224B