2fa9e0402fca80b5dfca16c6c8e38bf2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fa9e0402fca80b5dfca16c6c8e38bf2_JaffaCakes118
Size

1.3MB
MD5

2fa9e0402fca80b5dfca16c6c8e38bf2
SHA1

a537a652ffff0edb781c34609617fc24b6dc0af6
SHA256

2e6db8b5941979718c7332b18da814bb037a4bd3d1c1106e319aaf3e230d67ff
SHA512

c6f2409349d34a3953496db1530e5a2bc50c51a1fcb016fa94718921384bdb4627841808903888ab8bbe26cf352ea0a8d970de55980944bd6790cac900a8b26e
SSDEEP

24576:9/QqSNOOuBZIfDNbGbOQhRzegGi6S2PS4Huncd3+bIZlfhUZPYGkQgJu:94qYOOuBCDFcBRzlGRpscckvJUqGkQg0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa9e0402fca80b5dfca16c6c8e38bf2_JaffaCakes118

Files

2fa9e0402fca80b5dfca16c6c8e38bf2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ebec47fe1301f59d0f64e625fa55b80a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msi

ord173

user32

GetDesktopWindow

gdi32

SelectClipRgn

advapi32

FreeSid

shell32

SHGetMalloc

ole32

CoTaskMemFree

oleaut32

LPSAFEARRAY_UserMarshal

rpcrt4

NdrInterfacePointerUnmarshall

winmm

sndPlaySoundW

comctl32

ord17

version

VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EmbeddedUIHandler
InitializeEmbeddedUI
RunISMSIMajorUpgradeRemoval
RunISMSISetup
ShutdownEmbeddedUI
f1
f10
f100
f1000
f101
f102
f103
f104
f105
f106
f107
f108
f109
f11
f110
f111
f112
f113
f114
f115
f116
f117
f118
f119
f12
f120
f121
f122
f123
f124
f125
f126
f127
f128
f129
f13
f130
f131
f132
f133
f134
f135
f136
f137
f138
f139
f14
f140
f141
f142
f143
f144
f145
f146
f147
f148
f149
f15
f150
f151
f152
f153
f154
f155
f156
f157
f158
f159
f16
f160
f161
f162
f163
f164
f165
f166
f167
f168
f169
f17
f170
f171
f172
f173
f174
f175
f176
f177
f178
f179
f18
f180
f181
f182
f183
f184
f185
f186
f187
f188
f189
f19
f190
f191
f192
f193
f194
f195
f196
f197
f198
f199
f2
f20
f200
f201
f202
f203
f204
f205
f206
f207
f208
f209
f21
f210
f211
f212
f213
f214
f215
f216
f217
f218
f219
f22
f220
f221
f222
f223
f224
f225
f226
f227
f228
f229
f23
f230
f231
f232
f233
f234
f235
f236
f237
f238
f239
f24
f240
f241
f242
f243
f244
f245
f246
f247
f248
f249
f25
f250
f251
f252
f253
f254
f255
f256
f257
f258
f259
f26
f260
f261
f262
f263
f264
f265
f266
f267
f268
f269
f27
f270
f271
f272
f273
f274
f275
f276
f277
f278
f279
f28
f280
f281
f282
f283
f284
f285
f286
f287
f288
f289
f29
f290
f291
f292
f293
f294
f295
f296
f297
f298
f299
f3
f30
f300
f301
f302
f303
f304
f305
f306
f307
f308
f309
f31
f310
f311
f312
f313
f314
f315
f316
f317
f318
f319
f32
f320
f321
f322
f323
f324
f325
f326
f327
f328
f329
f33
f330
f331
f332
f333
f334
f335
f336
f337
f338
f339
f34
f340
f341
f342
f343
f344
f345
f346
f347
f348
f349
f35
f350
f351
f352
f353
f354
f355
f356
f357
f358
f359
f36
f360
f361
f362
f363
f364
f365
f366
f367
f368
f369
f37
f370
f371
f372
f373
f374
f375
f376
f377
f378
f379
f38
f380
f381
f382
f383
f384
f385
f386
f387
f388
f389
f39
f390
f391
f392
f393
f394
f395
f396
f397
f398
f399
f4
f40
f400
f401
f402
f403
f404
f405
f406
f407
f408
f409
f41
f410
f411
f412
f413
f414
f415
f416
f417
f418
f419
f42
f420
f421
f422
f423
f424
f425
f426
f427
f428
f429
f43
f430
f431
f432
f433
f434
f435
f436
f437
f438
f439
f44
f440
f441
f442
f443
f444
f445
f446
f447
f448
f449
f45
f450
f451
f452
f453
f454
f455
f456
f457
f458
f459
f46
f460
f461
f462
f463
f464
f465
f466
f467
f468
f469
f47
f470
f471
f472
f473
f474
f475
f476
f477
f478
f479
f48
f480
f481
f482
f483
f484
f485
f486
f487
f488
f489
f49
f490
f491
f492
f493
f494
f495
f496
f497
f498
f499
f5
f50
f500
f501
f502
f503
f504
f505
f506
f507
f508
f509
f51
f510
f511
f512
f513
f514
f515
f516
f517
f518
f519
f52
f520
f521
f522
f523
f524
f525
f526
f527
f528
f529
f53
f530
f531
f532
f533
f534
f535
f536
f537
f538
f539
f54

Sections

.text
Size: 439KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ebec47fe1301f59d0f64e625fa55b80a

Headers

File Characteristics

Imports

kernel32

msi

user32

gdi32

advapi32

shell32

ole32

oleaut32

rpcrt4

winmm

comctl32

version

Exports

Exports

Sections

.text Size: 439KB - Virtual size: 1.6MB

.rsrc Size: 143KB - Virtual size: 144KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 439KB - Virtual size: 1.6MB

.rsrc
Size: 143KB - Virtual size: 144KB

.reloc
Size: 512B - Virtual size: 4KB