160694ae544c9ff193c3432a64a58761_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

160694ae544c9ff193c3432a64a58761_JaffaCakes118
Size

108KB
MD5

160694ae544c9ff193c3432a64a58761
SHA1

23a3556600f42f83ab73ac6d9e44d43f1dd36eb0
SHA256

30be48314c2a8b741e7f496e39627e3693be73595684999b772ed2e98203a526
SHA512

3379ee64833eccac0d7d449e5f33d00a6de6fd413ed092c2fcfe76520df3d5519a27e6373f7d94168a3525e00e2524dcbe32db05a83455b0cf3528bb7094d3d6
SSDEEP

1536:WqgpNc1+M6I/oMyEZwcXcOAG4Cmp1EIC0cpA/TzL6egG6RCQ2eTIf2nlWzvU8/xB:Wq9x+E2txp1EIuSrzLNj6vuU8/xdj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
160694ae544c9ff193c3432a64a58761_JaffaCakes118

Files

160694ae544c9ff193c3432a64a58761_JaffaCakes118
.dll windows:6 windows x86 arch:x86

d72f9151cb5935a06d0ddeffa0209701

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

JSProfilerCore.pdb

Imports

msvcrt

??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
fwrite
_wfopen_s
fread
_aligned_free
_aligned_malloc
wcsncmp
calloc
_purecall
memset
__CxxFrameHandler3
wcsncpy_s
memmove_s
_ftol2
memcpy_s
free
malloc
??0exception@@QAE@XZ
_callnewh
_XcptFilter
_initterm
_amsg_exit
??1type_info@@UAE@XZ
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
realloc
_errno
fclose
_CxxThrowException

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegEnumKeyExW

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
GetCurrentProcess
HeapAlloc
HeapDestroy
GetCurrentProcessId
GetVersionExW
GetSystemInfo
DeleteFileW
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
GetVersionExA
TerminateProcess
HeapFree
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetLastError

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

oleaut32

SafeArrayAccessData
SafeArrayCreate
SysFreeString
VarUI4FromStr
VariantInit
VariantClear
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocString

user32

CharNextW
UnregisterClassA

winmm

timeEndPeriod
timeBeginPeriod

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d72f9151cb5935a06d0ddeffa0209701

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

ole32

oleaut32

user32

winmm

Exports

Exports

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 61KB - Virtual size: 61KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 61KB - Virtual size: 61KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB