769896ae8e4dcc34dba894e6ef3ef7e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

769896ae8e4dcc34dba894e6ef3ef7e0_JaffaCakes118
Size

1.9MB
MD5

769896ae8e4dcc34dba894e6ef3ef7e0
SHA1

099a52a26805bb867ebf4521d762cdb7d957d56b
SHA256

0ca920fc74ee2ac5edbab766f746ab557326c02ac3410787bb145fe70e17b01c
SHA512

f1b2fc96108634a79dd8cbb65e383de7c432412ba2755ee9f700fd150dd217924f65df7dfff113b74ccbd724e9146e2b8f978b0149ad5b60d8de13d53e096e05
SSDEEP

49152:4NnAA9srck9SiWtPL8jZQzSFVziU7RncXI0JzKjmf:wnMc2aINQzSFVziURcXI0Bf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
769896ae8e4dcc34dba894e6ef3ef7e0_JaffaCakes118

Files

769896ae8e4dcc34dba894e6ef3ef7e0_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

d4b345baee6c5ccf83d336782d8b4e7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SafeArrayGetUBound

advapi32

RegLoadKeyW

user32

SetRect

kernel32

GetVersion
GetVersionExW
GetVersion
GetModuleFileNameW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

msimg32

AlphaBlend

gdi32

SetMapMode

version

GetFileVersionInfoW

ole32

CLSIDFromString

comctl32

ImageList_ReplaceIcon

wininet

InternetGetConnectedState

winspool.drv

EnumPrintersW

iconfig

DadosSMTP

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 937KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4b345baee6c5ccf83d336782d8b4e7f

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

ole32

comctl32

wininet

winspool.drv

iconfig

Exports

Exports

Sections

.text Size: - Virtual size: 2.3MB

.itext Size: - Virtual size: 5KB

.data Size: - Virtual size: 21KB

.bss Size: - Virtual size: 21KB

.idata Size: - Virtual size: 14KB

.didata Size: - Virtual size: 806B

.edata Size: - Virtual size: 162B

.vmp0 Size: - Virtual size: 937KB

.vmp1 Size: 1.8MB - Virtual size: 1.8MB

.reloc Size: 512B - Virtual size: 292B

.rsrc Size: 8KB - Virtual size: 70KB

.text
Size: - Virtual size: 2.3MB

.itext
Size: - Virtual size: 5KB

.data
Size: - Virtual size: 21KB

.bss
Size: - Virtual size: 21KB

.idata
Size: - Virtual size: 14KB

.didata
Size: - Virtual size: 806B

.edata
Size: - Virtual size: 162B

.vmp0
Size: - Virtual size: 937KB

.vmp1
Size: 1.8MB - Virtual size: 1.8MB

.reloc
Size: 512B - Virtual size: 292B

.rsrc
Size: 8KB - Virtual size: 70KB