7297d25b928241f717ec369b50955f7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7297d25b928241f717ec369b50955f7b_JaffaCakes118
Size

1.8MB
MD5

7297d25b928241f717ec369b50955f7b
SHA1

f8e5d6b9724b9b3062fdffba42201ab91ce48c12
SHA256

72a6eeba9855cc50a4fa3e90bf33cc380d790ed7d1c263c08d6ecf39c2579d2e
SHA512

9719e5417c40e0db7102bc47ac1e9fef2e5aef1c97f2079b77ea7f0489124fc1822376a6c2633ec0cddb242f75174f774ab534f52d1c759ce6d63b4a2b207944
SSDEEP

49152:vqdcV/0EHuBa1SZuYB+VeGpZ5l+vfFRFQSnmfQMT+6:HZG9Gpz4FQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7297d25b928241f717ec369b50955f7b_JaffaCakes118

Files

7297d25b928241f717ec369b50955f7b_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

3af740cd53985d547d6e40d734b5a16d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetProcAddress
LoadLibraryA
DeleteCriticalSection
ExitThread
LoadLibraryW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
CreateFileA
GetProcessHeap
SetEndOfFile
WriteConsoleW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
HeapCreate
HeapDestroy
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteFile
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetTimeZoneInformation
CloseHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
GetTimeFormatA
GetDateFormatA
GetFullPathNameW
GetCurrentDirectoryA
GetLocaleInfoA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetStdHandle
CreateFileW
WriteConsoleA
GetConsoleOutputCP
CreateThread

user32

IsWindow
ShowWindow

oleaut32

VarCmp
SysAllocString
VariantClear
VariantInit
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3af740cd53985d547d6e40d734b5a16d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 15KB - Virtual size: 50KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 177KB - Virtual size: 177KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 15KB - Virtual size: 50KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 177KB - Virtual size: 177KB