19b4b84940468f6c48efd8c2e13906b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19b4b84940468f6c48efd8c2e13906b1_JaffaCakes118
Size

24KB
MD5

19b4b84940468f6c48efd8c2e13906b1
SHA1

f578126db6bfb8d5e8a415191d9726bcb24d10b6
SHA256

eaca80cc300656a926ac85de3fdf0a20ff66125a4bbf850b9470dd6b2cadedbd
SHA512

8b9a2aaece6f73bf8541b9ef449c557be79434393d1567f26bc08e15419e158b38ef4f47cb19e1a4c62ce044206ddd4f7167bd1cce1b97c0e5c9c81d8456e2f8
SSDEEP

192:uJ+ZhxGldRpXKRhynoIxL0sdjWGs4DFCAE/YF0S3H:o+ZHARp6RhyNpWGDFh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19b4b84940468f6c48efd8c2e13906b1_JaffaCakes118

Files

19b4b84940468f6c48efd8c2e13906b1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1098fd791942edd62a39be70e835fb0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
MultiByteToWideChar
lstrlenA
lstrcatA
WideCharToMultiByte
DisableThreadLibraryCalls
GetModuleFileNameA
HeapReAlloc
HeapFree

user32

CharNextA

ole32

CoCreateInstance

oleaut32

LoadTypeLi
RegisterTypeLi
SysAllocString
SysFreeString

tapi32

lineRemoveProvider
lineAddProviderA
lineGetProviderListA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ