157e83bc402d6197a518ae59b17cc9a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

157e83bc402d6197a518ae59b17cc9a3_JaffaCakes118
Size

5KB
MD5

157e83bc402d6197a518ae59b17cc9a3
SHA1

1945a9db1c9d2fb6cb421b15b4783c86903cadf8
SHA256

d8a97205ff108e5ad79c9b8fcf1c0f0e176af39d8e44cecbe672d9563fad89a6
SHA512

553f24cd8c9ffe2a5ae9bab059a8030670504b7f0842c01e854f1e4867facd5c529a63709f214cea23edc7e4492729a635d201a3de65acd5b0b1f67537b77449
SSDEEP

96:9yC7oDNqqz+UDf9z0xW2gayvdQ5//mvXW7O8r/:9yC7o4KFzU1yvdQ5//mvX6O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
157e83bc402d6197a518ae59b17cc9a3_JaffaCakes118

Files

157e83bc402d6197a518ae59b17cc9a3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ac6e09348c03a61ba3cfe6c980f7f633

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
lstrlenA
GetLastError
MultiByteToWideChar
AreFileApisANSI
SetLastError
GetFullPathNameA
GetFileAttributesA
GetTempPathA
GetTickCount
FindClose
FindFirstFileA
lstrcpyA
GetEnvironmentVariableA
GetModuleFileNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
lstrcatA
CloseHandle
WriteFile
CreateFileA
FreeLibrary
Sleep
GetProcAddress
LoadLibraryA

user32

MessageBoxA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder

Exports

Exports

KillSelf
RegSvr33
UnregSvr33

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ