JaffaCakes118_815df99c15d3431db3e018aad2827a816d078063fa75da842c30efff6bf08e63

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_815df99c15d3431db3e018aad2827a816d078063fa75da842c30efff6bf08e63
Size

924KB
MD5

f594e5e5fe61c353afa9389612788de9
SHA1

b9e12806da1a4a495f6c39ce14d3a44cb07703fb
SHA256

815df99c15d3431db3e018aad2827a816d078063fa75da842c30efff6bf08e63
SHA512

05824b27de666cf5dce2b365a151d42e77f4c4903acf98812936735b92ed9033eb009cbbd392d6d49349a21b1a98b53eef5db1f677bdc0288219a31ca2e50a40
SSDEEP

24576:TnaT/XRIUjl7nIjvk3FfAyzElA07q5H7WXfBSZaX2:uTPqUjl7nIRy707qdcBS4m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/data.dll

Files

JaffaCakes118_815df99c15d3431db3e018aad2827a816d078063fa75da842c30efff6bf08e63
.iso
out.iso
.iso
data.dll
.dll regsvr32 windows:6 windows x64 arch:x64

fe5f3ca2b8b652284727277bf00cc425

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcessHeap
GetLogicalDrives
GetCurrentProcess
GetThreadErrorMode
GetUserDefaultUILanguage
GetACP
GetCommandLineA
GetTickCount64
GetLastError
GetThreadUILanguage
SwitchToThread
GetTickCount
IsDebuggerPresent
GetSystemDefaultUILanguage
GetUserDefaultLangID
UnregisterApplicationRecoveryCallback
IsSystemResumeAutomatic
GetSystemDefaultLangID
TlsAlloc
UnregisterApplicationRestart
GetEnvironmentStringsW
RtlPcToFileHeader
RaiseException
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineW
FreeEnvironmentStringsW
LCMapStringW
EncodePointer

user32

CreateMenu
GetProcessWindowStation
GetFocus
GetCursor
GetKBCodePage
IsWow64Message
GetClipboardViewer
GetShellWindow
InSendMessage
GetCapture
GetMenuCheckMarkDimensions
CountClipboardFormats
GetForegroundWindow
GetDialogBaseUnits
GetMessageTime
SetProcessDPIAware

ole32

CoFreeUnusedLibraries
CoUninitialize

Exports

Exports

DllGetClassObject
DllRegisterServer
PluginInit
aohndqcullzbfu
cbzmavcctvofsty
dsobjkczwriuxokms
dyhltmhqa
dyhpjjyhj
ekywforwzdd
epadfiwotane
fjcgixkcq
gnjkrtgnk
iauakxzswf
iwquhoxraxxmcxdf
kalcznruvjljexl
kvkxqxnyob
lbnquhby
ljzjhtjyrsibyjwin
mdyszmjfriizcxinv
msimmmliyyvushp
nhwyboiwqshkvvsip
sdnfjsdj
skcmoykaohaltfp
tgxyhrpgsrzw
tkuhmmvbyyybytyaf
tpjjhpvseieyhhb
vdetacopjufg
vwqeqbutpfah
wcsmuzwenaqxaulu
yzefaanurgxpet
zjbaluvzr

Sections

.text
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
documents.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

fe5f3ca2b8b652284727277bf00cc425

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 241KB - Virtual size: 240KB

.rdata Size: 373KB - Virtual size: 372KB

.data Size: 13KB - Virtual size: 17KB

.pdata Size: 4KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 176B

.rsrc Size: 223KB - Virtual size: 222KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 241KB - Virtual size: 240KB

.rdata
Size: 373KB - Virtual size: 372KB

.data
Size: 13KB - Virtual size: 17KB

.pdata
Size: 4KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 223KB - Virtual size: 222KB

.reloc
Size: 2KB - Virtual size: 1KB