ef9be66ef0e85ac80bc5f15d1036a137_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ef9be66ef0e85ac80bc5f15d1036a137_JaffaCakes118
Size

349KB
MD5

ef9be66ef0e85ac80bc5f15d1036a137
SHA1

37fa0e0e62962d9d99b6b29dea63de5a7d81e3f1
SHA256

14b6cc6d4bc4b8fe9f9acf272321e33b18917c76b5e88c8d6a24ce230894c0ea
SHA512

fc71a3e092a41d1b857f04b48b1cb8e4057d5219fa7f61c1cc9c77d5ed461080df1b561fa8697fc045f1339d4f13d9f96f4a226d1f9347d75dc85f9aee8ab1ec
SSDEEP

3072:m1os9i5SgHjPzBSH/5ww77EMKRvkQ8QE9O/sy61AhXwOS4dlsQIhf7g/m8nt1TQl:AovBZvckMmXlsPcWJp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef9be66ef0e85ac80bc5f15d1036a137_JaffaCakes118

Files

ef9be66ef0e85ac80bc5f15d1036a137_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

60917b3acd9b0bfbffa2da75cadf09a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

IEProxy.pdb

Imports

msvcrt

memcpy
_XcptFilter
malloc
free
_initterm
_amsg_exit
_adjust_fdiv

rpcrt4

CStdStubBuffer_DebugServerRelease
NdrOleAllocate
NdrDllUnregisterProxy
NdrDcomAsyncClientCall
NdrGetUserMarshalInfo
RpcRaiseException
NdrStubForwardingFunction
NdrStubCall2
NdrClientCall2
NdrDllRegisterProxy
NdrOleFree
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerQueryInterface

oleaut32

LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserMarshal
VARIANT_UserSize
VARIANT_UserMarshal
VARIANT_UserUnmarshal
VARIANT_UserFree
BSTR_UserSize
BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserFree
LPSAFEARRAY_UserFree

ole32

HBITMAP_UserFree
HBITMAP_UserUnmarshal
HBITMAP_UserMarshal
HBITMAP_UserSize
CoTaskMemRealloc
CoTaskMemFree
HDC_UserFree
HDC_UserUnmarshal
HDC_UserMarshal
HDC_UserSize
HMENU_UserSize
HMENU_UserMarshal
HMENU_UserUnmarshal
HMENU_UserFree
HGLOBAL_UserSize
HGLOBAL_UserMarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserFree
HACCEL_UserSize
HACCEL_UserMarshal
HACCEL_UserFree
HICON_UserSize
HICON_UserMarshal
HICON_UserUnmarshal
HICON_UserFree
HWND_UserSize
HWND_UserMarshal
HWND_UserUnmarshal
HWND_UserFree
HACCEL_UserUnmarshal

kernel32

InterlockedCompareExchange
InterlockedExchange
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
DisableThreadLibraryCalls

user32

IsWindowEnabled
EnableWindow

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60917b3acd9b0bfbffa2da75cadf09a3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

rpcrt4

oleaut32

ole32

kernel32

user32

Exports

Exports

Sections

.text Size: 181KB - Virtual size: 181KB

.orpc Size: 10KB - Virtual size: 9KB

.data Size: 25KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 22KB - Virtual size: 21KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 181KB - Virtual size: 181KB

.orpc
Size: 10KB - Virtual size: 9KB

.data
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 22KB - Virtual size: 21KB

.text
Size: 108KB - Virtual size: 112KB