4b92baae7b753bc615779a77dff86895_JaffaCakes118

General

Target

4b92baae7b753bc615779a77dff86895_JaffaCakes118
Size

76KB
MD5

4b92baae7b753bc615779a77dff86895
SHA1

c50dc69b58d9802c4ade810f8b7ac330cd03b4b9
SHA256

267e3ea361f4c03a547e90745be4da8e2b31df6232c5a5f9ebab3a1e9597f7a7
SHA512

8d95978f053140c4a8db0d42027222c342e747f3ee14960e237112d7a9055e78d1f44362a7725c335c93bf7a02e876014925c338fe578f79ba66796ecbd569ee
SSDEEP

1536:p1GNVYmXUUa4zZfyZA0+Ou9cEUlEY1FOFS:XMT864x+TJUldqF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b92baae7b753bc615779a77dff86895_JaffaCakes118

Files

4b92baae7b753bc615779a77dff86895_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d2e80abb7832383a387b842003bb76b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
LocalFree
GetModuleFileNameA
HeapFree
Sleep
CreateFileA
CreateThread
LoadLibraryA
CopyFileA
GetLastError
ReadFile
CloseHandle
GetProcAddress
VirtualProtect
ExpandEnvironmentStringsA
ReleaseMutex
GetCurrentProcessId
SetVolumeLabelW
VerifyVersionInfoW
GetDefaultCommConfigW
MoveFileExW
CreateMailslotA
VirtualQueryEx
GetCommMask
GetProfileStringW
GlobalFlags
GlobalMemoryStatusEx
FindVolumeClose
IsDBCSLeadByte
SetCommBreak
SetFilePointerEx
GetProfileStringA
FindNextChangeNotification
GetConsoleCP
GetVersion
IsWow64Process
GlobalFindAtomW
OpenSemaphoreA
GetTempFileNameW
GetEnvironmentStringsW
GlobalFree
FlushConsoleInputBuffer
GetFileInformationByHandle
CopyFileExW
WinExec
SetCommState
BeginUpdateResourceA
SetFileTime
ReleaseActCtx
CreateSemaphoreA

ole32

CreateDataAdviseHolder
CoFileTimeNow
StgOpenStorageOnILockBytes
CoCreateInstanceEx
CoGetObjectContext
CoAllowSetForegroundWindow
CoMarshalInterThreadInterfaceInStream
CoUnmarshalInterface
CoDisableCallCancellation
GetRunningObjectTable
CoTaskMemFree
CreateBindCtx
CoCreateInstance

oleaut32

SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2e80abb7832383a387b842003bb76b7

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 2KB