14d9a0853c39d30272ab1cdbcbdc6f88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14d9a0853c39d30272ab1cdbcbdc6f88_JaffaCakes118
Size

112KB
MD5

14d9a0853c39d30272ab1cdbcbdc6f88
SHA1

e7f9991c6054d4309640c6f3fc3f4697f3e5bc3d
SHA256

fe8f67bdc37ef5ffe9196305c92dfa66e490839deed90e37103515d74d108353
SHA512

d348b2f4699770968982be0c0ca9c53514591cc4168def674ea4d26de245e48b46408bd3d435a77b16eb8e7a55ceea2fc8e4a727ed9acf62d3a6020f3b3b7416
SSDEEP

3072:YO87XkO+kOjch7chE5LxHdSRe04tKoTTEoTVP:YO870OrOYhAhE5VHdaHgbT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d9a0853c39d30272ab1cdbcbdc6f88_JaffaCakes118

Files

14d9a0853c39d30272ab1cdbcbdc6f88_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

dd62fff41a2b47f90bdce94d53ff7afe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

??1type_info@@UAE@XZ
__CxxFrameHandler
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
malloc
free
_initterm
_adjust_fdiv
_CxxThrowException

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA

kernel32

lstrlenW
IsBadWritePtr
IsBadReadPtr
GetModuleHandleA
FormatMessageA
GetVersionExA
LocalFree
LocalLock
LocalUnlock
GlobalFree
SetLastError
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
IsBadStringPtrA
lstrlenA
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
lstrcpyA
GetModuleFileNameA
GlobalUnlock
LocalAlloc
WideCharToMultiByte
lstrcatA
GetLastError
GlobalLock
GlobalHandle
GlobalSize
GlobalAlloc

user32

LoadStringA
MessageBoxExA
CharNextA

ole32

StringFromCLSID
CoGetClassObject
GetHGlobalFromStream
CoTaskMemFree
CreateStreamOnHGlobal

oleaut32

SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayGetDim
SafeArrayAccessData
LoadRegTypeLi
SafeArrayUnlock
RegisterTypeLi
LoadTypeLi
SetErrorInfo
SafeArrayLock
SafeArrayCreate

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetSCardDatErrorMsg

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd62fff41a2b47f90bdce94d53ff7afe

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 8KB - Virtual size: 8KB