c76ef98dfd852df82d72405a06608fe7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c76ef98dfd852df82d72405a06608fe7_JaffaCakes118
Size

9KB
MD5

c76ef98dfd852df82d72405a06608fe7
SHA1

4fc6744dac2c26be2af8278e3d5aa0d525e7bc1f
SHA256

73969c4a7ecd96b3fb544d9cd4a2e4dfe3b3060618aef021f6af43b934f3a119
SHA512

9e84889cf3508e5262d6d1931465b15942655ff2ea06f34755799569d6b27dbd7c631bb5df6bda5ae81ec062bcc944bb792ad6750d4319eb65582343c0a5a6f9
SSDEEP

192:Oi4Tjd7l32rBtcl/RSOZHM4bCQm4+6G+AIW0/XLH:Onjd7AtO/RrZs4eQmyW0/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c76ef98dfd852df82d72405a06608fe7_JaffaCakes118

Files

c76ef98dfd852df82d72405a06608fe7_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

ee4276ee95e3e58ff350223cf427c12b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

w3ctrlps.pdb

Imports

msvcrt

_except_handler4_common
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DisableThreadLibraryCalls

rpcrt4

IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.orpc
Size: 512B - Virtual size: 51B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee4276ee95e3e58ff350223cf427c12b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

rpcrt4

Exports

Exports

Sections

.orpc Size: 512B - Virtual size: 51B

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 984B

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 512B - Virtual size: 474B

.orpc
Size: 512B - Virtual size: 51B

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 984B

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 512B - Virtual size: 474B