f09d0c932c4186a2b1e344431f663eea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f09d0c932c4186a2b1e344431f663eea_JaffaCakes118
Size

214KB
MD5

f09d0c932c4186a2b1e344431f663eea
SHA1

8af657f11066f80e182210aa4992197a630d008d
SHA256

916460d8d3c12d9cc68636a30ea46dcd9a4db706695a59e0c6b276e6c30d311e
SHA512

a9e3dc25c9b904c73d823f3f7d07030f7404a4b72ff2ff8a1f696ea64cbbeab2dfdcae0964fa05138e6f228c87615013a828fc80bd39bd4d4cdd365715d6af7c
SSDEEP

1536:2rQCkBXXtql+HDT3CyZlWYXAQyCYymRdBgCkYy6TU+oqMfRPO1NtX:2EBXXwcDTSi7XdyZdfBN9TT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f09d0c932c4186a2b1e344431f663eea_JaffaCakes118

Files

f09d0c932c4186a2b1e344431f663eea_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a25a64ca235f714487cd77f2acd952ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

rpcrt4

CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
NdrDllUnregisterProxy
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
CStdStubBuffer_Connect

oleaut32

BSTR_UserSize
BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a25a64ca235f714487cd77f2acd952ac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

oleaut32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 446B

.orpc Size: 1KB - Virtual size: 1KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 996B

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 1024B - Virtual size: 856B

.text Size: 167KB - Virtual size: 168KB

.text
Size: 512B - Virtual size: 446B

.orpc
Size: 1KB - Virtual size: 1KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 996B

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 1024B - Virtual size: 856B

.text
Size: 167KB - Virtual size: 168KB