2b78ed043594bc76cbed262f95facab8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b78ed043594bc76cbed262f95facab8_JaffaCakes118
Size

141KB
MD5

2b78ed043594bc76cbed262f95facab8
SHA1

23e965b28d82a2e8367d45a1e386d2cb7b91d20b
SHA256

b2d58139a7207207d6ec91b2963a63981cb86d5768324d7a8926d89578c3f297
SHA512

0a1f9fcfc7310f8b04370ec33e21f0c1624723849f9edd36b6de81bd16ed162fb5095a9f6333af49c95ccf6c8dedc263206828f5e3bee5e540e1ad39ca7d01ef
SSDEEP

3072:h9VhKK5TirhL3QQaNLwGk7t3KNwr5Zrt7/y4/dXx:3VMCTirhDfaN7kRKNwtZrM4Jx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b78ed043594bc76cbed262f95facab8_JaffaCakes118

Files

2b78ed043594bc76cbed262f95facab8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3eddd6ff4bac932f07aa1d6e25ab38d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

version

GetFileVersionInfoA

ws2_32

WSAStartup

mfc42

ord3663

msvcrt

_mbsstr

user32

UpdateWindow

gdi32

SelectObject

shell32

SHGetPathFromIDListA

comctl32

ImageList_ReplaceIcon

ole32

CreateStreamOnHGlobal

olepro32

ord251

oleaut32

LoadRegTypeLi

configmodule

Config_Init

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

netsdk

ord50

h264play

ord82

playback

Playback_SetStyle

winmm

sndPlaySoundA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 121KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3eddd6ff4bac932f07aa1d6e25ab38d3

Headers

File Characteristics

Imports

kernel32

version

ws2_32

mfc42

msvcrt

user32

gdi32

shell32

comctl32

ole32

olepro32

oleaut32

configmodule

msvcp60

netsdk

h264play

playback

winmm

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 480KB

.rsrc Size: 19KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 121KB - Virtual size: 480KB

.rsrc
Size: 19KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 4KB