42dde5f67ff822495c7b38ad431b3418_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42dde5f67ff822495c7b38ad431b3418_JaffaCakes118
Size

339KB
MD5

42dde5f67ff822495c7b38ad431b3418
SHA1

7806c34d2d99d6742aaebb642db89c50196bd576
SHA256

31bd6970bc3e2e5ab613a7e9c8517254ad4dc567032cae6fbb7b8d2613327f47
SHA512

8fe9ced8eb3ad826605b702e360494eb4d547e07aee47233e917b24b9383ae68ed92784c461367035a0b51af0e2062e0b391b79e19b27fb39ef4777d73361365
SSDEEP

3072:kBFlsjLPrQNRExm4IJRgo6MCxMO8bpgMmQkqxjeaZG4IohXSYqm4GK3Vz6cIquwp:kBFlCQp4IJlC6gJoVFZuiXqmFKMw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42dde5f67ff822495c7b38ad431b3418_JaffaCakes118

Files

42dde5f67ff822495c7b38ad431b3418_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

524ae2368a7872ed75905d3031f17fe8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

IEProxy.pdb

Imports

msvcrt

memcpy
_XcptFilter
malloc
free
_initterm
_amsg_exit
_adjust_fdiv

rpcrt4

CStdStubBuffer_DebugServerRelease
NdrOleAllocate
NdrDllUnregisterProxy
NdrDcomAsyncClientCall
NdrGetUserMarshalInfo
RpcRaiseException
NdrStubForwardingFunction
NdrStubCall2
NdrClientCall2
NdrDllRegisterProxy
NdrOleFree
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerQueryInterface

oleaut32

LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserMarshal
VARIANT_UserSize
VARIANT_UserMarshal
VARIANT_UserUnmarshal
VARIANT_UserFree
BSTR_UserSize
BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserFree
LPSAFEARRAY_UserFree

ole32

HBITMAP_UserFree
HBITMAP_UserUnmarshal
HBITMAP_UserMarshal
HBITMAP_UserSize
CoTaskMemRealloc
CoTaskMemFree
HDC_UserFree
HDC_UserUnmarshal
HDC_UserMarshal
HDC_UserSize
HMENU_UserSize
HMENU_UserMarshal
HMENU_UserUnmarshal
HMENU_UserFree
HGLOBAL_UserSize
HGLOBAL_UserMarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserFree
HACCEL_UserSize
HACCEL_UserMarshal
HACCEL_UserFree
HICON_UserSize
HICON_UserMarshal
HICON_UserUnmarshal
HICON_UserFree
HWND_UserSize
HWND_UserMarshal
HWND_UserUnmarshal
HWND_UserFree
HACCEL_UserUnmarshal

kernel32

LoadLibraryA
GetProcAddress
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
DisableThreadLibraryCalls

user32

IsWindowEnabled
EnableWindow

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

524ae2368a7872ed75905d3031f17fe8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

rpcrt4

oleaut32

ole32

kernel32

user32

Exports

Exports

Sections

.text Size: 182KB - Virtual size: 181KB

.orpc Size: 9KB - Virtual size: 9KB

.data Size: 25KB - Virtual size: 25KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 182KB - Virtual size: 181KB

.orpc
Size: 9KB - Virtual size: 9KB

.data
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 22KB - Virtual size: 22KB