17678f624b6aa1b361dc38545553d7f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17678f624b6aa1b361dc38545553d7f6_JaffaCakes118
Size

56KB
MD5

17678f624b6aa1b361dc38545553d7f6
SHA1

11b82ede06599f849cadf40d2c27f86f97dc496e
SHA256

3f6962f8d9d86ddb6d942fe029f82205b89bbe75564d5947473d602618862f34
SHA512

10f1cb7295cf843d5f84f66ed738fdb42dcc5dc244ee6907233ab14998299628be791454e853a2e79762556c7e67f45049469e17282907aaa52ce6ef85aaca26
SSDEEP

1536:zoP3fxoX3hotzQUhv9t/f1PcR3sFMvGj6ctItcFqVI5qX6N7A7UP:W6ZcHqEAU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17678f624b6aa1b361dc38545553d7f6_JaffaCakes118

Files

17678f624b6aa1b361dc38545553d7f6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

eb2ccfe6e45d8e3b2bb55f78b23684b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
lstrlenA
LeaveCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
EnterCriticalSection
DisableThreadLibraryCalls
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcpyA
GetShortPathNameA

user32

MessageBoxA
CharNextA
LoadImageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi
RegisterTypeLi
SysAllocString
LoadTypeLi
SysStringLen
SysAllocStringLen
SysFreeString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy

gdi32

DeleteDC
GetDIBColorTable
CreateCompatibleDC

msvcrt

_initterm
free
memcmp
_purecall
_stricmp
memcpy
malloc
strcat
rand
strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
strcpy
strlen
_adjust_fdiv

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb2ccfe6e45d8e3b2bb55f78b23684b6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 752B

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 752B

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB