83afa4cd91397118d4aa540d4cbfd5f8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83afa4cd91397118d4aa540d4cbfd5f8_JaffaCakes118
Size

30KB
MD5

83afa4cd91397118d4aa540d4cbfd5f8
SHA1

ce3709e2ee3905186ba8b24d4c8e1c98ec2f852e
SHA256

8d0dfbc40f95efaca107f504d88a4bcef7532d806485e142a6e8c2aae4b4e709
SHA512

2f066e8a33b19e098f9b1df416cef94a00d465a68c35b8e3a5a00b35a2f5f5166c07fc943c7d5f78e37aaf416b82d1cdeae783f8bf97a746a762492ae984905c
SSDEEP

384:tIGODFIb0tK8NKVWegfImK6N8ZoPM13tjU:t7oFy0tzNKVWeCImK6Mx1hU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83afa4cd91397118d4aa540d4cbfd5f8_JaffaCakes118

Files

83afa4cd91397118d4aa540d4cbfd5f8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cb58fc06cf43cc26c0b2b90e8bcb0baf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

rpcrt4

CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrProxyErrorHandler
NdrProxyFreeBuffer
NdrConvert
NdrProxySendReceive
NdrConformantStringMarshall
NdrProxyGetBuffer
NdrConformantStringBufferSize
RpcRaiseException
NdrProxyInitialize
CStdStubBuffer_AddRef
NdrConformantStringUnmarshall
NdrStubInitialize
NdrSimpleTypeMarshall
NdrSimpleTypeUnmarshall
NdrClearOutParameters
NdrComplexStructUnmarshall
NdrPointerFree
NdrComplexStructMarshall
NdrComplexStructBufferSize
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
NdrOleFree
NdrStubGetBuffer

msvcrt

_adjust_fdiv
malloc
_initterm
free
memcmp
memset
_except_handler3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.orpc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb58fc06cf43cc26c0b2b90e8bcb0baf

Headers

File Characteristics

Imports

kernel32

rpcrt4

msvcrt

Exports

Exports

Sections

.orpc Size: 8KB - Virtual size: 5KB

.text Size: 4KB - Virtual size: 672B

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 72B

.reloc Size: 4KB - Virtual size: 880B

.orpc
Size: 8KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 672B

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 72B

.reloc
Size: 4KB - Virtual size: 880B