JaffaCakes118_59fa95def88159bd57001640175e65dad7e4d76279ff15faadb6ef75f8e880f2

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_59fa95def88159bd57001640175e65dad7e4d76279ff15faadb6ef75f8e880f2
Size

403KB
MD5

91861834710517931916b180bdbf2b4b
SHA1

b1291233ea3dea5159e261b1ab3fd7310a64ac42
SHA256

59fa95def88159bd57001640175e65dad7e4d76279ff15faadb6ef75f8e880f2
SHA512

523a7296a8a8cba86a40253b9af6a02d77ab86756885dfa0938fb2ac9bdbe70823469bbf14247aca0af50d7fb8f4ed384e400a0beaf7183bf4d1b49938165bf4
SSDEEP

6144:54Gp1gZmFlZKmP4jrc9/5fS9XJqLSYmHiNKhV5B:JrgZm7ZKmP4jrGg9XKg6KX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_59fa95def88159bd57001640175e65dad7e4d76279ff15faadb6ef75f8e880f2

Files

JaffaCakes118_59fa95def88159bd57001640175e65dad7e4d76279ff15faadb6ef75f8e880f2
.dll regsvr32 windows:5 windows x86 arch:x86

9c7729e7e6125436737710b1ba737d7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
CloseHandle
DeleteTimerQueueEx
CreateThread
CreateTimerQueueTimer
LoadResource
Sleep
VirtualAlloc
SetStdHandle
WriteConsoleW
SizeofResource
lstrlenA
MulDiv
SetEvent
CreateEventA
CreateTimerQueue
WaitForSingleObject
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetLastError
HeapFree
RaiseException
RtlUnwind
GetCurrentThreadId
GetCommandLineA
LCMapStringW
GetCPInfo
HeapAlloc
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetLocaleInfoW
HeapReAlloc
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteFile
GetModuleFileNameW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
LoadLibraryW
CreateFileW

user32

GetDC

gdi32

CreateCompatibleDC
SelectObject
SelectPalette
RealizePalette
GetDeviceCaps
GetObjectA

Exports

Exports

ArrCount
DllRegisterServer
GetDisplay

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 259KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c7729e7e6125436737710b1ba737d7e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 259KB - Virtual size: 259KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 259KB - Virtual size: 259KB

.reloc
Size: 8KB - Virtual size: 8KB