3f92c228da39bc12820619e60d6bfaef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f92c228da39bc12820619e60d6bfaef_JaffaCakes118
Size

22KB
MD5

3f92c228da39bc12820619e60d6bfaef
SHA1

abc230076d169f23947edf1dfaf637ebde0d227e
SHA256

bf69fce0d21b94c5f3ea03b0f67f39408afe948d3426cb185b6508992f9d4ed4
SHA512

48a2f31d17b3a1488b33ffad5657b6fb4adf8a5e92accb232cd7bfc52d1450746b1cf178602929916b57e08a907cabe668fb98d01f0b5df55acd44a7a3db4239
SSDEEP

384:DaJKAysQXoAunD96brY4HeBVOrNk+VIWQFc4ea1laZJowf3gihUdz7vvxlLL0WyW:uQXhuDYbrY4Rk+IFQyqguKz7Dn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f92c228da39bc12820619e60d6bfaef_JaffaCakes118

Files

3f92c228da39bc12820619e60d6bfaef_JaffaCakes118
.dll windows:5 windows x86 arch:x86

476bc0467ef2830c6883549dd86c8fc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

wsprintfA

advapi32

RegCloseKey

shell32

SHGetMalloc

ole32

CoInitialize

oleaut32

SysFreeString

Exports

Exports

DllMain
GetUserInfo
IsCompaqNETUser
IsExistingAnyIAUser
IsMSNIAUser
Migrate
MigrateEx
MigrateRunDll32

Sections

.MPRESS1
Size: 17KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE