2d15101aeeb7d62f7c9137e6fff80e49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d15101aeeb7d62f7c9137e6fff80e49_JaffaCakes118
Size

21KB
MD5

2d15101aeeb7d62f7c9137e6fff80e49
SHA1

92f20b923f45e1dea3ec948a18ffce575f1cce41
SHA256

18d4287e60bc0944224a244a5b1b384209e00f9847cbbe9648b3b3676b5401ad
SHA512

e2e174a11c12638684add50a96493dd9b786c3a7fbd5baee6fab13b6a309cfb43c20a51ce4393eb538e07e74abbeefd9c021a078ce4d62051e20a649cf717ba3
SSDEEP

384:LWo1w3cxfeyNR3dFRPaS7D0Mu+o+Y3jDA1s3p6FW8mcW:LWoi0fl1DRPacB2jDD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d15101aeeb7d62f7c9137e6fff80e49_JaffaCakes118

Files

2d15101aeeb7d62f7c9137e6fff80e49_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1ca4a40de36dd546d58888f11a35f579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

advapi32

RegCloseKey

oleaut32

SysFreeString

gdi32

Chord

wininet

InternetOpenA

shlwapi

PathFileExistsA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MsgHookOff
MsgHookOn

Sections

.MPRESS1
Size: 18KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE