abab48ca8aa6d8f7dfbc90c193d3dcba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abab48ca8aa6d8f7dfbc90c193d3dcba_JaffaCakes118
Size

1.0MB
MD5

abab48ca8aa6d8f7dfbc90c193d3dcba
SHA1

093960e3ee612d6ed4d24412dece68c402b3d3e5
SHA256

593d70569c16b0966c4ece56f78a3fecbbde52d7449c8bd1715727b806974e95
SHA512

b16732b30f2cc720f00f8298a0ef0de451b115a4749c97a297f9af76d5b8c5aeaa7e2123574a00fb0b1b83fedf0253abc9c0a12a8db8f8e222f6bc5a39847f8a
SSDEEP

24576:QPDwdukiCRxCJkBpLrh8wXM3x1xgEJw2ZbR1lJw/y2l0scxDds5SQcM:r/hJc3x1BzTA7l0sc/ssM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abab48ca8aa6d8f7dfbc90c193d3dcba_JaffaCakes118

Files

abab48ca8aa6d8f7dfbc90c193d3dcba_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

66ebc4047b5c986d0d94ca76f6c498f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
UnregisterWait
FindResourceA
WideCharToMultiByte
GlobalHandle
GetTimeZoneInformation
InitializeCriticalSection
GetAtomNameW
ClearCommError
LoadLibraryA
GetProcAddress

ole32

OleDestroyMenuDescriptor
CoRevertToSelf
CoUnmarshalInterface
CoSwitchCallContext
OleCreateMenuDescriptor

user32

SetWindowLongA
LoadImageW
GetSubMenu
CreateAcceleratorTableA
GetScrollInfo
SetParent
UpdateLayeredWindow
DefDlgProcW
GetUserObjectInformationW

shlwapi

PathCreateFromUrlW
PathMakePrettyW
StrChrW
SHRegGetUSValueW

advapi32

ObjectCloseAuditAlarmW
MapGenericMask

gdi32

GetDCOrgEx
WidenPath
EnumFontFamiliesExA
GetLayout
GetDIBits
Polyline
DPtoLP
ResizePalette

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ