694bb8ff0c9e4109dbbd376d5493c633_JaffaCakes118

General

Target

694bb8ff0c9e4109dbbd376d5493c633_JaffaCakes118
Size

73KB
MD5

694bb8ff0c9e4109dbbd376d5493c633
SHA1

a9542e945290715c2e31d8c8950b8c42b4592fcf
SHA256

969ebe2d9aa0239b3f642567b8696e30203a1e54e115fc5a683f642dd7d9f1b3
SHA512

71c4fcd4e43d70256d4586891d8e0de719684f0c844778ca0c44287bf01c17ce348da0f9cc96f1e7d08967186db1addf8738af8d225d3be74a9a19d8bdd0ffc9
SSDEEP

1536:VfJfTiD2JOg89ypX2aM8qiSbs+Nk20p9qMSMCB+lEQO5uQTMJWQohLUUjtsinCXD:zmg8w2aM8qTsAk2g9qIlDO5uQHzhLUUn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
694bb8ff0c9e4109dbbd376d5493c633_JaffaCakes118

Files

694bb8ff0c9e4109dbbd376d5493c633_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

dce096bd93f9f3b32476b4bbd28ca985

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_wcsicmp
free
??2@YAPAXI@Z
qsort
wcschr
malloc
memmove
_wtol
_purecall
_initterm
_adjust_fdiv
?terminate@@YAXXZ
_except_handler3
??3@YAXPAX@Z
_callnewh

msvcp60

?nothrow@std@@3Unothrow_t@1@B

atl

ord23
ord16
ord32
ord15
ord22
ord18
ord21

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW

kernel32

WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetLastError
InterlockedExchange
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement

ole32

CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SetErrorInfo
LoadRegTypeLi
SafeArrayCopy
SafeArrayDestroy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IASAttributeAddRef
IASAttributeAlloc
IASAttributeAnsiAlloc
IASAttributeRelease
IASAttributeUnicodeAlloc

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dce096bd93f9f3b32476b4bbd28ca985

Headers

File Characteristics

Imports

msvcrt

msvcp60

atl

advapi32

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 56KB - Virtual size: 56KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB