bb28391ca99067559c6596d2e770e02e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bb28391ca99067559c6596d2e770e02e_JaffaCakes118
Size

60KB
MD5

bb28391ca99067559c6596d2e770e02e
SHA1

740bd76c8bd3ab23fbf7c6188e475eb2eb409a0e
SHA256

3a9c6591025b2ed3cce851da2587c0548dc0e303065873b32359d2dac3189dc6
SHA512

07344755c9ab493fbedcd23e637e038d49781b50a275acd30e5bd38f2460d6eb6805bfbe2ac4472f7455fc946d3f29d6acf38b31ed97b24c3453f6d12d94a337
SSDEEP

768:cyDB+uAcV/REhbWkHY9p10+Bl05p/BuPMDde1g3nN/aBj14T22nyQ3W+lOZk:/D8cV/64kHY9puV5p/WMnqyTBlOe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb28391ca99067559c6596d2e770e02e_JaffaCakes118

Files

bb28391ca99067559c6596d2e770e02e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1e2174cd7b28b516f7086c533672b994

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersionExA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FlushFileBuffers
InterlockedDecrement
WideCharToMultiByte
FreeLibrary
GetTickCount
GetLastError
LocalFree
lstrlenA
GlobalAlloc
MultiByteToWideChar
GlobalFree
VirtualProtect
GetLocaleInfoA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
VirtualAlloc
IsBadWritePtr
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
GetSystemInfo

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

oleaut32

SysAllocString
VariantClear
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e2174cd7b28b516f7086c533672b994

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 41KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 41KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB