138e8a7de5d7994918d291db625b9a15_JaffaCakes118

General

Target

138e8a7de5d7994918d291db625b9a15_JaffaCakes118
Size

189KB
MD5

138e8a7de5d7994918d291db625b9a15
SHA1

0fdad8095a53676fd1f825dc4a739b29339d65ed
SHA256

062afe04371d821a5748a836ce7c1617fd4891d2de17cde746bef593a8cb18ec
SHA512

8c3ba95a394147a2b787ffdb2d0570c4a54bef42c3b45ae1520e762783a174f1bade5117e8a22a4861fdc0613ccaa940859ae2ecb998ccfe885172150e8937b2
SSDEEP

3072:Fuhg8wTWEUnDnnSpHtFZsSjouZd0ygpz83pGpmjv6rc9aAvXK3rinCXcDr:GkzUnDSBtjsRuZizpqRLi+i3rinCXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
138e8a7de5d7994918d291db625b9a15_JaffaCakes118

Files

138e8a7de5d7994918d291db625b9a15_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

dce096bd93f9f3b32476b4bbd28ca985

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_wcsicmp
free
??2@YAPAXI@Z
qsort
wcschr
malloc
memmove
_wtol
_purecall
_initterm
_adjust_fdiv
?terminate@@YAXXZ
_except_handler3
??3@YAXPAX@Z
_callnewh

msvcp60

?nothrow@std@@3Unothrow_t@1@B

atl

ord23
ord16
ord32
ord15
ord22
ord18
ord21

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW

kernel32

WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetLastError
InterlockedExchange
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement

ole32

CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SetErrorInfo
LoadRegTypeLi
SafeArrayCopy
SafeArrayDestroy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IASAttributeAddRef
IASAttributeAlloc
IASAttributeAnsiAlloc
IASAttributeRelease
IASAttributeUnicodeAlloc

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dce096bd93f9f3b32476b4bbd28ca985

Headers

File Characteristics

Imports

msvcrt

msvcp60

atl

advapi32

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 172KB - Virtual size: 172KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 172KB - Virtual size: 172KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB