be8b2fb9f012b6658895d3719e3cfa7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be8b2fb9f012b6658895d3719e3cfa7a_JaffaCakes118
Size

102KB
MD5

be8b2fb9f012b6658895d3719e3cfa7a
SHA1

17e484fee71144f997977f3e8d4b5bc93c67e01f
SHA256

1ddf70a2b6ce4ecb1d0c5ac9c2085e1ca24c695222799e4444a2646d4ecfb84a
SHA512

88987eb6ca7a5d3d62fc0ea359c39d4a6793d35af18df313be28a3b5b311c5cad95698aae7b16a506b043f417e05cabcb389a74a5256b7c0353d7f79584b662e
SSDEEP

1536:IConopzVAINONoz9Rng/js8lN4OATp2h10QN2Ess7pTdDgxP9ZtpSc5DlmBneSa:CQRB2ozvYIQ4jTpBQgEs0v2PSUlanY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be8b2fb9f012b6658895d3719e3cfa7a_JaffaCakes118

Files

be8b2fb9f012b6658895d3719e3cfa7a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8f8c3b7e2e59d6ddb0f1a48e5d46e5fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetProcAddress

advapi32

RegCloseKey

ole32

IsEqualGUID

oleaut32

VariantCopy

shell32

Shell_NotifyIconA

user32

SetTimer

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 86KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE