82fff7febf9ce26958f61cd9ffc597ca_JaffaCakes118 | Triage

Sharing

General

Target

82fff7febf9ce26958f61cd9ffc597ca_JaffaCakes118
Size

5KB
MD5

82fff7febf9ce26958f61cd9ffc597ca
SHA1

1648c832c9c0b802551aaa13f6f885249800ae5e
SHA256

d2e619edc0bf9d639cf3231c592e40a2712a3094558b1e389ca85c53792c57da
SHA512

f99d36eca938535cc67a0b0a6a585df01ad670b0be55bda7e35bcbf62b068fb6af3659c8ff05ae4231684fd1d4458682ba51be4943f41449a4332c7fbed64a6f
SSDEEP

96:gG7GwvnMoBDvCCslvtdhEArE/1pQxkpulLFjiyDXijozrRfAVfgq:gG9vnXBmCslNxrE/1pQxk+ZjiyDXiUt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82fff7febf9ce26958f61cd9ffc597ca_JaffaCakes118

Files

82fff7febf9ce26958f61cd9ffc597ca_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1f26eabaff531a1b45981ced728199a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTickCount
GetSystemDirectoryA
FindFirstFileA
GetLastError
lstrcmpiA
GetModuleHandleA
FindClose
MoveFileA
GetModuleFileNameA
FindNextFileA
DeleteFileA
VirtualProtect
VirtualQuery
IsBadReadPtr
CopyFileA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

user32

GetSystemMetrics
MessageBoxA
GetForegroundWindow

shlwapi

PathAddBackslashA
PathAppendA
PathStripPathA
PathRemoveFileSpecA

shell32

ShellExecuteA

ntdll

_vsnprintf
_strcmpi
_stricmp
memset

Exports

Exports

DllRegisterServer
DllUnregisterServer
onLogon

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 768B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ