aff641199b1faa21ebc477202b131459_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aff641199b1faa21ebc477202b131459_JaffaCakes118
Size

116KB
MD5

aff641199b1faa21ebc477202b131459
SHA1

182c7b32f9e041278eabb03d4f4534a5ae75f5df
SHA256

5391bdbc6fb571fc20f2366dd85bfd8cb1d018f6d2cdd3a374aa5623544cea38
SHA512

d5096ea0ebcbd2b61912b19007c16ccad733a7f22b7dd79276d7415bc49e4348e5d6aa487c24228079b86584e81ec54badb5c30e814b9fa144c8e768c9655d3a
SSDEEP

3072:aWea0BEZIzTuizlHPg+gHowWKMMiU1m9:aWea0lzlHgHoDKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aff641199b1faa21ebc477202b131459_JaffaCakes118

Files

aff641199b1faa21ebc477202b131459_JaffaCakes118
.dll windows:4 windows x86 arch:x86

770a0966cdaef3f92bccefb5ae7936ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueA

ole32

WriteClassStg
StringFromGUID2
StgCreateDocfileOnILockBytes
CLSIDFromString
ReleaseStgMedium
ProgIDFromCLSID
OleSaveToStream
OleLockRunning
OleInitialize
GetRunningObjectTable
CoTaskMemRealloc
CoTaskMemAlloc
CoRevokeClassObject
CoGetMalloc
CoCreateInstance

user32

LoadAcceleratorsW
EqualRect
EnableWindow
DrawStateA
DefDlgProcA
OemToCharBuffA

shell32

SHBindToParent
SHFileOperationA
SHGetFileInfoA
SHGetMalloc

shlwapi

PathCompactPathExA
PathFindExtensionA
PathQuoteSpacesA
PathUnquoteSpacesA
SHAutoComplete

msvcrt

sprintf
strchr
memset
strtol
time
__set_app_type
_errno
_except_handler3
strlen
memmove
fflush
free
malloc
memchr
sscanf

kernel32

TlsFree
UnmapViewOfFile
lstrcmpiA
lstrcpynA
SetLastError
RaiseException
GetVersion
GetSystemTime
SleepEx

Exports

Exports

Afl
Bdz
Dsd
Ftn
Hiq
Hqr
Ihp
Ovj
Ozr
Vgk
Wim
Zbq
Zjk

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

770a0966cdaef3f92bccefb5ae7936ed

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 31KB - Virtual size: 32KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 31KB - Virtual size: 32KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB