JaffaCakes118_ce09fe9cabe24b428d25c62c62e935e21e3b46ab841c86fb95112c7b36909999

General

Target

JaffaCakes118_ce09fe9cabe24b428d25c62c62e935e21e3b46ab841c86fb95112c7b36909999
Size

76KB
MD5

b304c52981bc41b857bd9133be4068e7
SHA1

12c0fe1b30e5141e1fd071dac1b6473f816269f6
SHA256

ce09fe9cabe24b428d25c62c62e935e21e3b46ab841c86fb95112c7b36909999
SHA512

f10d908b0fcf7a1f499c43f2bca225facb6773529a2a54ce6dd21a5704ce2cedf62c6b3c534bfe81d99a7546f41e1378bb1345e7f3a5e9dfc248320cc4e69333
SSDEEP

1536:NHXvfSrDpyOTyXi0b+LD1j8t3eDcazFSp89ODOZT4rs+zoK:N3v6ZyOTyO/1j8dewac+ZZ0rnH

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/wobip7

JaffaCakes118_ce09fe9cabe24b428d25c62c62e935e21e3b46ab841c86fb95112c7b36909999
.zip

Password: infected
wobip7
.dll regsvr32 windows:6 windows x64 arch:x64

3b4014f1ffd5245ea948c717c78d1d57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
GetUserDefaultUILanguage
QueryPerformanceCounter
GetCurrencyFormatA
GetLastError
TlsGetValue
HeapAlloc
HeapFree
CreateFileA
EnterCriticalSection
LoadLibraryA
GetProcAddress

Exports

Exports

DllGetClassObject
DllRegisterServer
PluginInit

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE