45b71b3742e167200d6c339544553148_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45b71b3742e167200d6c339544553148_JaffaCakes118
Size

207KB
MD5

45b71b3742e167200d6c339544553148
SHA1

8cd820aacdbfb4969c2f6e76e054b3e465f264f4
SHA256

2e53aec7da1a44ff5d89f9a52923da112fc1bcd362f41e304c8203eca7478836
SHA512

cc01523835b9419eb760c6a351574d5506d23431a9833a834b050f286df787c4ef03d6bcf6bc8e95dd2b48c43f47f7a534d88096ead68cc782493767be83a81e
SSDEEP

3072:D0o3Dc40AzLKwWWGa4NKC//fW/cECxmfv+xLZSMX0Igx7DAJoNjM:Y2w49OdXa4NZJ7mGLwMX0Igx7DAJoNj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45b71b3742e167200d6c339544553148_JaffaCakes118

Files

45b71b3742e167200d6c339544553148_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

dad13e32071725476d791a5daec3539e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

PDB Paths

LogProvider.pdb

Imports

msvcrt

isleadbyte
__mb_cur_max
mbtowc
memmove
memcpy
realloc
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_amsg_exit
_XcptFilter
_callnewh
??0exception@@QAE@ABV0@@Z
_lseeki64
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
malloc
memset
free
_errno
_iob
_snprintf
_itoa
wctomb
ferror
__badioinfo
__pioinfo
_initterm
_fileno
bsearch
wcsncmp
_wcsicmp
_wcsnicmp
_write
_isatty
__CxxFrameHandler
_purecall
_vsnprintf
_vscwprintf
calloc
_CxxThrowException
??1exception@@UAE@XZ
_vsnwprintf
_vscprintf
wcschr
wcsrchr

ntdll

RtlUnwind
RtlFreeHeap
RtlAllocateHeap

kernel32

MapViewOfFile
CreateFileMappingW
GetLocaleInfoW
UnmapViewOfFile
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
TerminateProcess
LoadLibraryExW
SetLastError
GetFileAttributesW
GetModuleHandleExW
GetSystemWindowsDirectoryW
GetVersionExW
GetFullPathNameW
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
SetThreadLocale
GetThreadLocale
SetThreadUILanguage
CreateDirectoryW
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
FindResourceW
FindResourceExW
OutputDebugStringW
GetCurrentProcessId
HeapFree
OutputDebugStringA
HeapAlloc
GetProcessHeap
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
SearchPathW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalFree
FormatMessageW
FreeLibrary
CloseHandle
CreateFileW
GetSystemDirectoryW

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegCloseKey

user32

UnregisterClassA
LoadStringW
CharNextW

ole32

CoCreateInstance
CoTaskMemFree
ProgIDFromCLSID
StringFromGUID2

oleaut32

CreateErrorInfo
SetErrorInfo
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
LoadRegTypeLi

Exports

Exports

DLLGetDISMProviderCLSID
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dad13e32071725476d791a5daec3539e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

kernel32

advapi32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.data Size: 122KB - Virtual size: 187KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 71KB - Virtual size: 71KB

.data
Size: 122KB - Virtual size: 187KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 7KB