abe2b7ed1362b5211053ae9d07fbbf17_JaffaCakes118

General

Target

abe2b7ed1362b5211053ae9d07fbbf17_JaffaCakes118
Size

48KB
MD5

abe2b7ed1362b5211053ae9d07fbbf17
SHA1

a4e51002fda12b987a61d2c79939d53151243b98
SHA256

a78bb15401e251851d4bbe30202ef483c77edd7165aaf5d3b969a76c35f098ab
SHA512

59036817444235d48d4308a123ff7672a44bd31e90c18a14151b6e204e46e55ee92587c4b0fd31606af648db6e9860600b4c27de181ce37f3ef8536348421931
SSDEEP

768:sDw+CHZnyE2J1mZGsxFoKnmKzc2DXqOX7yCietampS8v:sDC5TytsfzmK5XnLyCietPS8v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abe2b7ed1362b5211053ae9d07fbbf17_JaffaCakes118

Files

abe2b7ed1362b5211053ae9d07fbbf17_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

129d2bd7bec64ba7ff0a37627f79aad3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup
socket
htons
connect
ioctlsocket
gethostbyname
send
closesocket
recv

kernel32

LocalFree
CreateThread
IsBadStringPtrA
GetModuleHandleA
Sleep
GetProcAddress
LoadLibraryA
GetLastError
GetSystemInfo
IsBadReadPtr
VirtualQuery
WideCharToMultiByte
GetTickCount
InterlockedDecrement
CloseHandle
CreateFileA
lstrcpynA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA

user32

wsprintfA
GetWindowTextA
GetParent
ScreenToClient
GetClassNameA
PeekMessageA
CallNextHookEx

ole32

CoCreateInstance
OleRun

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

msvcrt

_initterm
_adjust_fdiv
_strupr
_strdup
_CxxThrowException
??1type_info@@UAE@XZ
_onexit
__dllonexit
strchr
atoi
free
isalpha
isdigit
realloc
malloc
wcslen
??2@YAPAXI@Z
__CxxFrameHandler
sprintf
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

129d2bd7bec64ba7ff0a37627f79aad3

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 117KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 117KB

.reloc
Size: 4KB - Virtual size: 2KB