384c432ed934bafe688a384512ac7782_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

384c432ed934bafe688a384512ac7782_JaffaCakes118
Size

10KB
MD5

384c432ed934bafe688a384512ac7782
SHA1

b12b12635b5ed1ec44a30b6b2be7e885ee03526c
SHA256

8c5d1e698136767fa2b3144a288b1dec6a5b37467e8e2b45811bc22356404759
SHA512

587efba865996e603de39ea15942227f3a2853d53664b4480128507527450b57264dcaf52df45474657b1341fb1d26f658e754442b3635bb0d3ca714de4b1ff8
SSDEEP

192:no6bgv0nW7vuZc0oyFx/fyM96k5X7pgBlnUllTlDhwhHg:JEeWbuKhqlP6kV9uOjP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
384c432ed934bafe688a384512ac7782_JaffaCakes118

Files

384c432ed934bafe688a384512ac7782_JaffaCakes118
.dll windows:1 windows x86 arch:x86

3e8f1e01dc1cd384b4f1de3e02c1af2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAlloc
Sleep
WriteFile
CreateThread
GetDriveTypeA
VirtualFree
ExitThread
CopyFileA
CreateDirectoryA
CreateFileA
CreateMutexA
CreateProcessA
WaitForSingleObject
WriteConsoleA
CloseHandle
GetEnvironmentVariableA
GetLocalTime
GetLogicalDrives
GetModuleHandleA
GetSystemDirectoryA
SetFileAttributesA

ole32

CoCreateInstance
CoInitialize

advapi32

RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegEnumValueA
RegCreateKeyA
RegCloseKey

oleaut32

SysFreeString

wininet

InternetGetConnectedState

Sections

CODE
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE