2dc142e9226379df2fbcbcfa3985272e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dc142e9226379df2fbcbcfa3985272e_JaffaCakes118
Size

38KB
MD5

2dc142e9226379df2fbcbcfa3985272e
SHA1

4e60fa3ba7eb4926323656b2c17e7b97496fa004
SHA256

734ab36e46d74fa4ec90d48db7769ea13e8aac250b7717666607dd5bd52bdbc9
SHA512

b754063469c46abec76fc8ad6dc0466cc123b518eb112442c4b5d9b4e9f48f78f821838c723c8f3424ed95ee8bbbaefb1fefa39323f1d45946c9f9df20e5f593
SSDEEP

768:L+a8RztWGZzOst3TZemuMlb34Qhj/gfVXQwleWgFa0:IZbOsNJxbl7wleWgd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dc142e9226379df2fbcbcfa3985272e_JaffaCakes118

Files

2dc142e9226379df2fbcbcfa3985272e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9a138f3679ce538e934ca2c20c0602fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

WSACleanup

wininet

InternetCheckConnectionA

rpcrt4

UuidToStringA

shlwapi

SHSetValueA

urlmon

ObtainUserAgentString

user32

IsWindowVisible

ole32

CoInitialize

oleaut32

LoadRegTypeLi

Exports

Exports

RunUI

Sections

.text
Size: 33KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE