b58cc5939721a74b8c4225491da42030_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b58cc5939721a74b8c4225491da42030_JaffaCakes118
Size

158KB
MD5

b58cc5939721a74b8c4225491da42030
SHA1

f23edbe5846fbc23a9f082504a4a8c89002fa791
SHA256

9171fc3cc773c6a56a58a2effe8a947b17752e2ed9b3b521255cf9863adbd2ca
SHA512

62eb4a01a6a2484eb83db832d1ba53d9fd98c2d7aa084f3ca059a1ef544c3ae2ef30838b82c62544834bd3700e43cf71803bd7e0d4872189ccf2fee42e1a30d2
SSDEEP

3072:ZwSmlvCg67HgqawYcNX7Ng7NHFQK7I5K/TbcAF+er0Z+ufiG2lcuIyiDtagmc:GI7HgqaJcNX7NCc4mKQOcqGgIyiDtagV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b58cc5939721a74b8c4225491da42030_JaffaCakes118

Files

b58cc5939721a74b8c4225491da42030_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9bce6957cbedb0018b462d9d8ad39c74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

coredll

ord285
ord263
ord911
ord903
ord248
ord921
ord910
ord262
ord269
ord261
ord260
ord924
ord922
ord889
ord923
ord258
ord545
ord60
ord222
ord61
ord63
ord898
ord967
ord912
ord895
ord66
ord916
ord2028
ord271
ord272
ord264
ord704
ord288
ord886
ord194
ord705
ord935
ord249
ord860
ord95
ord878
ord267
ord266
ord875
ord256
ord251
ord287
ord246
ord931
ord265
ord876
ord268
ord257
ord276
ord98
ord885
ord247
ord945
ord896
ord96
ord940
ord941
ord934
ord942
ord919
ord930
ord928
ord669
ord250
ord259
ord678
ord672
ord671
ord33
ord56
ord5
ord4
ord1092
ord682
ord683
ord902
ord938
ord702
ord1094
ord926
ord936
ord215
ord103
ord944
ord897
ord517
ord92
ord728
ord277
ord706
ord971
ord89
ord508
ord598
ord45
ord529
ord44
ord2
ord3
ord456
ord464
ord537
ord858
ord57
ord874
ord528
ord965
ord523
ord74
ord281
ord279
ord282
ord35
ord58
ord1018
ord1046
ord93
ord195
ord866
ord200
ord213
ord690
ord533
ord532
ord1173
ord1172
ord686
ord687
ord691
ord868
ord230
ord1095
ord668
ord677
ord496
ord34

ole32

StringFromCLSID
CoGetClassObject
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

oleaut32

LoadRegTypeLib
SysStringByteLen
SysStringLen
SysFreeString
VariantChangeType
VariantInit
VariantClear
SysAllocString
VarCyFromR4
SysAllocStringLen
DispGetParam
LoadTypeLib
VarR4FromCy
VariantCopy
CreateTypeLib2

aygshell

ord34
ord56
ord30
ord4
ord21

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bce6957cbedb0018b462d9d8ad39c74

Headers

File Characteristics

Imports

coredll

ole32

oleaut32

aygshell

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 106KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 41KB - Virtual size: 40KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 107KB - Virtual size: 106KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 41KB - Virtual size: 40KB

.reloc
Size: 7KB - Virtual size: 6KB