d9c58cee62f908926ac2a7beee8c50a7_JaffaCakes118

General

Target

d9c58cee62f908926ac2a7beee8c50a7_JaffaCakes118
Size

172KB
MD5

d9c58cee62f908926ac2a7beee8c50a7
SHA1

be51e56ae5df68184fdbdd71ce9f547476073964
SHA256

a6f3b41f551fe401905da85bc98c80661e45ee62352489da5108e9afa3510867
SHA512

764f5158f3a79836279322d08846945810c7250ef8e1ceca3480dc4a96898d854c8f6efffd2fca1d64b38315ef7413daafb7aee1ebdf4c33c0604f9a1b05816c
SSDEEP

1536:fGO8sjPnojMRLHS9uh49LZwqBmmwvkxOebHLoYkgVTr8YbcSH4Nz+O02knXzcRod:f4sjvnh49hoCddbt4on227ZbpV8PbLch

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9c58cee62f908926ac2a7beee8c50a7_JaffaCakes118

Files

d9c58cee62f908926ac2a7beee8c50a7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab4cb97b8bc0580bf23781a6166de27e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

mpr

WNetOpenEnumW

kernel32

DisableThreadLibraryCalls

ntdll

NtAllocateVirtualMemory

rpcrt4

CStdStubBuffer_IsIIDSupported
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_DebugServerQueryInterface
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
CStdStubBuffer_AddRef
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrStubCall2
CStdStubBuffer_Disconnect
NdrDllCanUnloadNow
NdrOleAllocate
NdrOleFree
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_CountRefs
NdrDllGetClassObject
CStdStubBuffer_DebugServerRelease
NdrCStdStubBuffer_Release
IUnknown_QueryInterface_Proxy

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab4cb97b8bc0580bf23781a6166de27e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mpr

kernel32

ntdll

rpcrt4

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 40KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 40KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 20B