ea9e961ae2ee78ecd80d00e5943a9f65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea9e961ae2ee78ecd80d00e5943a9f65_JaffaCakes118
Size

191KB
MD5

ea9e961ae2ee78ecd80d00e5943a9f65
SHA1

97f5bfed0ac397527fdd7867d9d2ec75b3f12faf
SHA256

6c95eb4090cdf4f410848095b6e11bf3a6aecb2d089bf17b7b5e18fe66a96ec6
SHA512

627cd07eed5592d2937a3df656362384751e68b01e61c5f000362b2454c14d1fc06d07551394c6fbd5085ab5a3198ea0baf55cc1d2fb4350de4a6c223400ec57
SSDEEP

3072:pHcerz3f8sEheBYapqByF2sU/c+rwm5fv6E12dym8CBg1r9ZgV/n:dbz3f/EhHIqQKXcA6EgEFTk/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea9e961ae2ee78ecd80d00e5943a9f65_JaffaCakes118

Files

ea9e961ae2ee78ecd80d00e5943a9f65_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

d758e8d9ad29f3b5938d07e7fd1be82c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
wcscmp
wcscat
swprintf
memchr
?terminate@@YAXXZ
__CxxFrameHandler
wcsstr
wcsrchr
wcscpy
swscanf
_wtoi
_purecall
free
malloc
_callnewh
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_except_handler3
wcslen
_wcsicmp

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?nothrow@std@@3Unothrow_t@1@B
??0bad_alloc@std@@QAE@PBD@Z
??1bad_alloc@std@@UAE@XZ
??0bad_alloc@std@@QAE@ABV01@@Z

atl

ord22
ord15
ord32
ord21
ord18
ord16

iaspolcy

IASAttributeRelease
IASAttributeAlloc
IASAttributeUnicodeAlloc

iassvcs

IASRegisterComponent
IASGetHostByName
IASAdler32
IASGetDictionary
IASGetLocalDictionary

kernel32

DisableThreadLibraryCalls
CloseHandle
SwitchToThread
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetLocaleInfoW
FindClose
FindNextFileW
FindFirstFileW
SetFilePointer
GetFileSize
SetLastError
CreateDirectoryW
CreateFileW
InterlockedDecrement
FileTimeToSystemTime
InterlockedIncrement
LocalFree
GetSystemTimeAsFileTime
GetLocalTime
GetComputerNameW
DeleteCriticalSection
InitializeCriticalSection
GetLastError

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantClear
SetErrorInfo
VariantInit
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d758e8d9ad29f3b5938d07e7fd1be82c

Headers

File Characteristics

Imports

msvcrt

msvcp60

atl

iaspolcy

iassvcs

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 168KB - Virtual size: 168KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 168KB - Virtual size: 168KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB