89ee70b2abc8b4d3a2537ef471d7b716_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89ee70b2abc8b4d3a2537ef471d7b716_JaffaCakes118
Size

12KB
MD5

89ee70b2abc8b4d3a2537ef471d7b716
SHA1

c5284d94bd71da6ea7b3b4f8a832afc0d6ff95d4
SHA256

18b6b6f558e89eec556d17df6f5742ee02a9969a3f069906198fc18e27376b8c
SHA512

3689a8c66ed0e2febf5a291daa10bd93cfd8ec22c85f0c1e56cd7bcac91543f101a9f6959432b3789d5273dbc2d13c239898cd6b5fe11047a5c16cee759adc2e
SSDEEP

192:wy72w2n/+/8l22xRumP6rpNEflAgFzeZyfG/eelji0vNn8W7cIW41:wC2wyMW2IRumeEflAgFzr3eljrN8W7ce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89ee70b2abc8b4d3a2537ef471d7b716_JaffaCakes118

Files

89ee70b2abc8b4d3a2537ef471d7b716_JaffaCakes118
.dll windows:4 windows x86 arch:x86

30d4c6e3c4785941eb05a4b2a75c920f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempFileNameA
GetTempPathA
Sleep
FreeLibrary
GetProcAddress
DeleteFileA
LoadLibraryA
GetVolumeInformationA
GetModuleFileNameA
ResumeThread
SetThreadContext
GetThreadContext
WriteProcessMemory
GetModuleHandleA
lstrcatA
GetTickCount
CreateThread
CopyFileA
lstrlenA
lstrcpyA
GlobalFree
CloseHandle
GlobalAlloc

user32

wsprintfA

advapi32

RegCreateKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegSetValueExA

wininet

HttpSendRequestA
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ