c792df4af8381bfc09987d4fb18b7e56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c792df4af8381bfc09987d4fb18b7e56_JaffaCakes118
Size

127KB
MD5

c792df4af8381bfc09987d4fb18b7e56
SHA1

a45b6d93e25c47dd3b10c1f59fc372a945360eb0
SHA256

1aff309b7c889a46e5b9b71df1c8b795ab68ad69393afd71218e2ae28750b756
SHA512

f86baa7b777876635444ac890c1a392b3d41cd19eb11240850e6bc054b08c3e1c116a3ae266a7fe02fc240cff9df2ebc8b9dccf8d8471ab3f6cfe5cd7f1deaea
SSDEEP

1536:Z8jMTitnEfLD8gsTIoRAZnhLOZCRYy6+VI1mCcPFzLyq3VVWItKMMiU1aoauY:fEnEvSTI/ZnucIOz2qFAcKMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c792df4af8381bfc09987d4fb18b7e56_JaffaCakes118

Files

c792df4af8381bfc09987d4fb18b7e56_JaffaCakes118
.dll windows:4 windows x86 arch:x86

97133efb8aadaf33b4ed0c0f788b0b15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
CloseServiceHandle
ControlService
CreateServiceA
DeleteService
OpenProcessToken
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA

ole32

CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoGetClassObject
CoInitialize
CoLockObjectExternal
CoRegisterMessageFilter
CoResumeClassObjects
CoUninitialize
CreateBindCtx
CreateDataAdviseHolder
OleFlushClipboard
ReleaseStgMedium
StgCreateDocfileOnILockBytes
WriteClassStm

kernel32

lstrcpyA
VirtualAlloc
OpenFile
GetLastError
EnumResourceNamesA

Exports

Exports

Eff
Vui

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ