462a9030af6443f28d65d8789fc6c9df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

462a9030af6443f28d65d8789fc6c9df_JaffaCakes118
Size

51KB
MD5

462a9030af6443f28d65d8789fc6c9df
SHA1

1cf53bb8259ea276cdf0285f6c166c160976f5c4
SHA256

668d9dce4897bee98ad79f429bad69961f5ff9bc836f3eb561d5af9176cddff2
SHA512

ce7de4422e1fd2c9300c43771f7e88694c13697b1bc71869b277d9ca1508598121c213eb1333eaec0a63e6fd477b4a1b7204dda027569b5a0110841861eb4844
SSDEEP

768:0eFY9mgCR83gI5gAWExEdktxZ6Jg4X3/in92hIMPoss7foUb+BEJo/60:0em9mgC6X586/6bX3/dJossnb+D6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
462a9030af6443f28d65d8789fc6c9df_JaffaCakes118

Files

462a9030af6443f28d65d8789fc6c9df_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3a9c5393aec647d2799a080dd4b62b50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

GetPixel

wsock32

WSACleanup

wininet

InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

CODE
Size: 45KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE