8d787e741119442796b1f44f15569ecc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d787e741119442796b1f44f15569ecc_JaffaCakes118
Size

96KB
MD5

8d787e741119442796b1f44f15569ecc
SHA1

ee267a7cdd5a1a3424fb37ca7188cc8f266fd348
SHA256

185f3466c751c1de2c7f0f1eec672def19a826d56d991cdb6a39462e2bb4a4d6
SHA512

cf2adc3abd0e09e12c10f13248826322b334e9a40eacf6ca4c845bea799590a967a674b34fbd02df4e17d9ef22dfec252fd6a1463d344f7a4f2a6b8aec238cd9
SSDEEP

1536:AwFVjbJcR+ZznwDxx/Q2v1u3O6cHomIYNWqsPebkgmasxeSWNWqBzYPsoq:Ay6oZzwXo2MeZIUWveAHp62Uoq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d787e741119442796b1f44f15569ecc_JaffaCakes118

Files

8d787e741119442796b1f44f15569ecc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4c6936f59413f29b2f7bebad8bd2c6b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA

msvcrt

sscanf

kernel32

LocalAlloc
LoadLibraryA
VirtualProtect
GetModuleFileNameA

user32

CharUpperA
MessageBoxA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CoCreateGuid

shlwapi

PathFileExistsA

Exports

Exports

?DllMainV2@@YGHPAUHINSTANCE__@@KPAX@Z

Sections

.text
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bac0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bac1
Size: - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.bac2
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ