b31149acd5c62462e51d2e89b238a2e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b31149acd5c62462e51d2e89b238a2e1_JaffaCakes118
Size

477KB
MD5

b31149acd5c62462e51d2e89b238a2e1
SHA1

f95a13d36a05b95b17a74160023e544326f0f416
SHA256

b27b71f8cbb67382be2f0b90867e3c9363b92e3418c80e158af44389a9d537c4
SHA512

9dd2b6e696b8d81d059a078e068ca443fa03867af1edcb29c749210fb20c456c1fb84511d7738ccffbc1eb892c12d6bb5abf7238249d7fda608d32b2711a9cc6
SSDEEP

6144:U3wgIISOYz/+AaY7uBLG1J13XqF2HmHSqDnSYq3fB129b2Tr5sevN2m0cXc/h:U3rs/+Aa9ZHS2Shfm1KdFYmop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b31149acd5c62462e51d2e89b238a2e1_JaffaCakes118

Files

b31149acd5c62462e51d2e89b238a2e1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ox6cwh8p
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z.4yxn29
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ywlm46tx
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aj8yjysm
Size: - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

phia6la5
Size: 403KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3f.sb0.e
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 64KB

ox6cwh8p Size: 16KB - Virtual size: 16KB

.data Size: - Virtual size: 12KB

.rsrc Size: 52KB - Virtual size: 712KB

z.4yxn29 Size: - Virtual size: 8KB

ywlm46tx Size: - Virtual size: 4KB

aj8yjysm Size: - Virtual size: 288KB

phia6la5 Size: 403KB - Virtual size: 404KB

3f.sb0.e Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 64KB

ox6cwh8p
Size: 16KB - Virtual size: 16KB

.data
Size: - Virtual size: 12KB

.rsrc
Size: 52KB - Virtual size: 712KB

z.4yxn29
Size: - Virtual size: 8KB

ywlm46tx
Size: - Virtual size: 4KB

aj8yjysm
Size: - Virtual size: 288KB

phia6la5
Size: 403KB - Virtual size: 404KB

3f.sb0.e
Size: 4KB - Virtual size: 4KB