30097b59a4f0fd7c46a1433a1caa7d68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30097b59a4f0fd7c46a1433a1caa7d68_JaffaCakes118
Size

124KB
MD5

30097b59a4f0fd7c46a1433a1caa7d68
SHA1

ad4db855e5ca89e72f0d2fa987d8ea199f73d669
SHA256

4376a35c1a2c0e96d0f8aa0b1b46fcc040b2781d4d13ebd6a75a935a292ee17d
SHA512

acb08fc0a3dbc62eb733e0643c8ce9cc5158b9b48a9d466b3552c154145d208c0827a9fdbd2125ecbf2a532b235a56fa2313a9d8a763d799e8e61ba5f6db09d7
SSDEEP

1536:ueuunygU3QCZeO9UzwufkDkQmG/j5XyKtIrtPKC8JL0CNc27OkFDH7giYpri2:xygU/eys5YAKtIpv8N0GN5JML

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30097b59a4f0fd7c46a1433a1caa7d68_JaffaCakes118

Files

30097b59a4f0fd7c46a1433a1caa7d68_JaffaCakes118
.dll windows:4 windows x86 arch:x86

880e8017040075395f581707dc313882

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
VirtualFree
LoadLibraryA
GetProcAddress

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_except_handler3
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

ActiveX_
ActiveX_1
ActiveX_2
ActiveX_3
GenHWID
LoadAllDll
PLCloseDevices
PLFindAndOpenDevices
PLSetCurrentDevice
PLSetUvcDevice
ReadExtUnit
ReadReg
ReleaseLogObjects
WriteExtUnit
WriteReg
_declspecs

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ