JaffaCakes118_cc1745955641e87db0112fedad07b0a00623fda5c4cc3d68dc2bbee40a4c96bc

General

Target

JaffaCakes118_cc1745955641e87db0112fedad07b0a00623fda5c4cc3d68dc2bbee40a4c96bc
Size

97KB
MD5

ef6382fccc81f341da9b274a4ca5db40
SHA1

3494ee0961602d3f0d79f6745ac89b827813ed56
SHA256

cc1745955641e87db0112fedad07b0a00623fda5c4cc3d68dc2bbee40a4c96bc
SHA512

515323e7511d41bdf2491ba0dc75b686f7efab7038e3f62c00ddf930ace7c552dfbc8056965e7b75de1adfbc0cc415ea844824635190a8fe1ebcf4cfa77b2b39
SSDEEP

3072:cmlizy70mi9hlGucGy/XV7IUJ+QjywcBf1ZlGvtMUH:Lizq0Lby/XlPy11ZleMUH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/opzi0n1[1].dll

Files

JaffaCakes118_cc1745955641e87db0112fedad07b0a00623fda5c4cc3d68dc2bbee40a4c96bc
.zip

Password: infected
opzi0n1[1].dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Blessingly
Beleaf
Saccharomycetales
Pastorale
Schoolmistress
Undatedness
Justiceless
Blandness
Interrace
Pertinaciously
DllCanUnloadNow
Bewhiten
Acolythate
Cornroot
Overpot
Populin
DllUnregisterServer
DllRegisterServer
Naufragous
Terephthalic
Plicatile
Ritualist
Dampproofing
Phersephoneia
Factice
Pedetinae
DllGetClassObject
Coecum

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.insculp
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.blea
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.toy
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 1024B - Virtual size: 792B

.insculp Size: 6KB - Virtual size: 6KB

.t Size: 6KB - Virtual size: 6KB

.blea Size: 7KB - Virtual size: 7KB

.toy Size: 5KB - Virtual size: 4KB

.data Size: 86KB - Virtual size: 103KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 1024B - Virtual size: 792B

.insculp
Size: 6KB - Virtual size: 6KB

.t
Size: 6KB - Virtual size: 6KB

.blea
Size: 7KB - Virtual size: 7KB

.toy
Size: 5KB - Virtual size: 4KB

.data
Size: 86KB - Virtual size: 103KB

.reloc
Size: 4KB - Virtual size: 3KB