82a8032bc455aba2fd1fe42b1b74a0a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82a8032bc455aba2fd1fe42b1b74a0a0_JaffaCakes118
Size

156KB
MD5

82a8032bc455aba2fd1fe42b1b74a0a0
SHA1

5c88626342036ee8a9f800b4544fa85d20e007eb
SHA256

3b1cf73a3310b4de9517054e8485d6974143580c9c103bde037fecef50a1a8e5
SHA512

88ef6897a975e92714241f0e6505014e4f17988bb3a52c4544cf35cd00ce2e2ed23e501c7acf1120a3c857a47c96e9fbc0c253ab6b24d10c22d0afe390fa1fd9
SSDEEP

1536:UbLd9xNb2FWWg4xcyR5JiKVxX9TRppLMFlgkXO:UPjxNb2FWWg4eM5UG/LMFlfX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82a8032bc455aba2fd1fe42b1b74a0a0_JaffaCakes118

Files

82a8032bc455aba2fd1fe42b1b74a0a0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2e03a34e950b3c5b4478ca06f1ba3f6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileA
DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
HeapCreate
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
lstrlenW
DebugBreak
HeapFree
WaitForSingleObject
GetWindowsDirectoryA
CreateDirectoryA
InitializeCriticalSection
WinExec

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

oleaut32

SysStringLen
LoadRegTypeLi
SysFreeString

urlmon

URLDownloadToFileA

atl

ord18
ord15
ord16
ord21
ord57
ord32
ord58
ord30
ord23

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ