8bb90f9988579f2db37ad20ba7b5c0c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bb90f9988579f2db37ad20ba7b5c0c8_JaffaCakes118
Size

460KB
MD5

8bb90f9988579f2db37ad20ba7b5c0c8
SHA1

5ee914763ac0c1c6254cfb848463ac764a7e1044
SHA256

77937767ad5629a53708c5a376f8c601b61b9aea8619ab77441ec3afd6078a53
SHA512

f075abfc22ad770632abee3f755177aa7dbb735a2db4cdb9b02970e025cd3549780c62d682a9766a356fd37b578612795949785efe5b2672e0719325c829eab0
SSDEEP

12288:0C8hlMqScEy49WaWl+TeoNCzi2vEcnWy02uWyy+PQR:uhlMqSs4otGerzi6EHGuUkQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bb90f9988579f2db37ad20ba7b5c0c8_JaffaCakes118

Files

8bb90f9988579f2db37ad20ba7b5c0c8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9760789fd680793f647f914844dd9226

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

IsEqualGUID

comctl32

_TrackMouseEvent

wininet

InternetGetConnectedState

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 445KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE