230e0c74fe5c80834f806bc4fff7c3cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

230e0c74fe5c80834f806bc4fff7c3cf_JaffaCakes118
Size

36KB
MD5

230e0c74fe5c80834f806bc4fff7c3cf
SHA1

d2ef3dcf0610592752e1c5aa4a74cb626d366f17
SHA256

f5da4bbccf47a33f39cccc41e23468b690f44955b00c4a76aba1f72c2ba161fb
SHA512

8cf3d7bd27fe28e2f910065aea2b79eeaecad558a32ccce6203aab949337dda45219298502a67a34f72a3e23540027252d08ee56d068a390f608203896dfffdb
SSDEEP

768:hmttVoXdEjngR6rKe47dVMVmb6OAQfA9LBlHU:Etn6dEpKeAaxOC9LBO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
230e0c74fe5c80834f806bc4fff7c3cf_JaffaCakes118

Files

230e0c74fe5c80834f806bc4fff7c3cf_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2946874e82d43bd01be1c6f3df33840e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
DeleteFileA
WritePrivateProfileStringA
CloseHandle
LoadLibraryA
GetLocalTime
GetProcAddress

user32

RegisterClassExA
DefWindowProcA
PostMessageA
SetTimer
KillTimer
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowExA
CallNextHookEx
CreateWindowExA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

msvcrt

fclose
_stricmp
_adjust_fdiv
malloc
_initterm
free
__CxxFrameHandler
rand
strstr
??2@YAPAXI@Z
_access
sprintf
??3@YAXPAX@Z
strrchr
_strlwr
fwrite
fopen
strchr

Exports

Exports

DllRegisterServer
DllUnregisterServer
EhAqypsC
dXefCofm
wJbmAXeogJUiyItCP

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ