5feee6c0c9e5de1f2a04b80e082f9d7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5feee6c0c9e5de1f2a04b80e082f9d7b_JaffaCakes118
Size

2.3MB
MD5

5feee6c0c9e5de1f2a04b80e082f9d7b
SHA1

d1d02b36fc31f16551298bb8c059b8d4668ceb30
SHA256

02c0a60f1208418af073203b2221fa41c8d17b7bff182a4dce40bec458aaec95
SHA512

3e2c04dd8724390b471f37dc73a69d40d3673cb217fa7f7c7dcdf29b47f80c6c6b55717f34afb9898b4e7792ff45ddf10a5798af9f9a80aa79e20f053f4a5ede
SSDEEP

49152:HKOGSh7itL8cqw/kAOxmA/mC8NRqbN7J3LO2Q7HRdVk:HKQpjd/7sRqnkvK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5feee6c0c9e5de1f2a04b80e082f9d7b_JaffaCakes118

Files

5feee6c0c9e5de1f2a04b80e082f9d7b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

293951f46f8138960299bc39f2818f9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
WriteProfileStringW
ClearCommBreak
SetCommTimeouts
AreFileApisANSI
WaitNamedPipeA
IsBadCodePtr
SetCurrentDirectoryA
GetLogicalDriveStringsW
CreateIoCompletionPort
GetProcAddress
DeleteTimerQueueTimer
DeleteFileW
GetTempFileNameW
LoadLibraryA
ExpandEnvironmentStringsA

ole32

OleCreateLinkFromData
ReadFmtUserTypeStg
CoGetMarshalSizeMax

user32

LoadAcceleratorsA
GetWindowTextA
SetScrollInfo
GetMenu
ScreenToClient

oleaut32

SysReAllocString

shlwapi

PathMatchSpecW
wvnsprintfW
SHDeleteKeyW

advapi32

GetAclInformation
RegCloseKey
RegisterServiceCtrlHandlerA

gdi32

SetWindowExtEx
RemoveFontResourceW
SetICMMode
DeleteMetaFile
StartDocW
GetBkMode

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 552KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ