JaffaCakes118_88604ad79ecb7f818bbcceba073e43f9

General

Target

JaffaCakes118_88604ad79ecb7f818bbcceba073e43f9
Size

144KB
MD5

88604ad79ecb7f818bbcceba073e43f9
SHA1

bb3ef6e04606f387829041fd6d20b5d5810504b3
SHA256

e05bf49fd4bfeec4f8ea08eba1b62500e778ef47c63fdc156bd193c682a3c126
SHA512

9aaa94dacafec669a24e98271c8f687beaeef88cdbcc5e9402fd011ac7caf055a3239b17e5463d2b21a7c9db1badf16e395185da545c4857a5d44e6ba80625c8
SSDEEP

3072:aLFyLw4MDuCyfzKqrhtYuEL+sm7dVDGFyPtBD:EbafzoL+PdQyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_88604ad79ecb7f818bbcceba073e43f9

Files

JaffaCakes118_88604ad79ecb7f818bbcceba073e43f9
.dll regsvr32 windows:4 windows x86 arch:x86

ecfb7f2185392039069971ccae4d4bd7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

rpcrt4

NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrClientCall2

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 4KB - Virtual size: 470B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ecfb7f2185392039069971ccae4d4bd7

Headers

File Characteristics

Imports

kernel32

rpcrt4

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 470B

.orpc Size: 4KB - Virtual size: 736B

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 584B

.reloc Size: 4KB - Virtual size: 526B

.text Size: 116KB - Virtual size: 116KB

.text
Size: 4KB - Virtual size: 470B

.orpc
Size: 4KB - Virtual size: 736B

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 584B

.reloc
Size: 4KB - Virtual size: 526B

.text
Size: 116KB - Virtual size: 116KB