8c7d8bf815f3ff9be3f4bdc51f4221e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c7d8bf815f3ff9be3f4bdc51f4221e9_JaffaCakes118
Size

156KB
MD5

8c7d8bf815f3ff9be3f4bdc51f4221e9
SHA1

b040446ed27139a3c2e88da5ab6471d321d8c324
SHA256

1dc6354f6d4df5edaae92f383bc0337b45b105306b56e27608382552d7ec0231
SHA512

2dd581546d67fbf974c12424cd6fcaa0ccd0206654dbad8b963d319ed0deea9f77879274c1ddcd98383f6e328bc536e929ee9bc4cab15bc97f1c971bfae33b23
SSDEEP

3072:EKqCX/aQOQ6rTeh0LGpqJgQrux+oPNws1sTUf1BgRg6Ac:/XCk6+oGMJEEoPNbsTUfL36Ac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c7d8bf815f3ff9be3f4bdc51f4221e9_JaffaCakes118

Files

8c7d8bf815f3ff9be3f4bdc51f4221e9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d9738ff4f6284f1d300010fb0ff5c01b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

rpcrt4

IUnknown_AddRef_Proxy
CStdStubBuffer_Invoke
IUnknown_Release_Proxy
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
NdrOleFree
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
IUnknown_QueryInterface_Proxy

oleaut32

BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
BSTR_UserFree

msvcr71

__dllonexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
memcmp
_onexit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 135B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d9738ff4f6284f1d300010fb0ff5c01b

Headers

File Characteristics

Imports

kernel32

rpcrt4

oleaut32

msvcr71

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 1020B

.orpc Size: 512B - Virtual size: 135B

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 352B

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 512B - Virtual size: 476B

.text Size: 148KB - Virtual size: 152KB

.text
Size: 1024B - Virtual size: 1020B

.orpc
Size: 512B - Virtual size: 135B

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 352B

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 512B - Virtual size: 476B

.text
Size: 148KB - Virtual size: 152KB