bb29c0ba3318a713070447a747e42c97_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb29c0ba3318a713070447a747e42c97_JaffaCakes118
Size

16KB
MD5

bb29c0ba3318a713070447a747e42c97
SHA1

28f1bd448fae11992836743c52e6cad850e3121e
SHA256

e74d5de812904812a55a9b08c86cd840e81892594c287312f66b35370ce30493
SHA512

1a9731397c69611b69b0b5ddad6ba2dc9618692a501bf185e3fa5c04a2f70f77de318e24dc3c93cd6368accece32fb9b22e2eb5d40fde440eba2d01ddc4e5ff0
SSDEEP

192:dmOdPuW1F0Mm5CgKc2640pbs8S7KFhlG5NpJcr/ATnTHy/sjESzeq:dmOp5L0Mm540pbuKbliNf3TasgNq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb29c0ba3318a713070447a747e42c97_JaffaCakes118

Files

bb29c0ba3318a713070447a747e42c97_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

0889c3dc9ad2a505865a0708c43a617b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
lstrlenW
CloseHandle
GetSystemDirectoryW
WaitForSingleObject
ExitThread
lstrcpyW
lstrlenA
MultiByteToWideChar
GetModuleFileNameA
lstrcpyA
GetVersionExA
HeapAlloc
GetProcessHeap
HeapFree
Sleep
RtlUnwind
lstrcmpA
CreateThread
CompareStringW
CreateEventA
lstrcatA

user32

wsprintfA
wsprintfW
CharLowerA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA

oleaut32

SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ