c89b1cd651b6fd06ef632306b7ff2989_JaffaCakes118 | Triage

Sharing

General

Target

c89b1cd651b6fd06ef632306b7ff2989_JaffaCakes118
Size

378KB
MD5

c89b1cd651b6fd06ef632306b7ff2989
SHA1

10f19974b589a7375aae63aa32f1739b8172b626
SHA256

3345865044618f4418a9accc84dd2e074d7f2477d51387dcfd8cb65731101c83
SHA512

1d70763c9d1133c7afc488fd051cb8d7e972951f43907d1f87d6728eb5c29a72f76812977474d50387dd376edd4256746822b2875583bda30c163f2e37df4b51
SSDEEP

6144:zGl+PWoijI1frq2lUK2JyrqDZzAV5iTZQvshZWnOyM309vcaGeTn+69pdAFM5:zGlZNjGqpyOmV5iyvshZWrM309vZrnN5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c89b1cd651b6fd06ef632306b7ff2989_JaffaCakes118

Files

c89b1cd651b6fd06ef632306b7ff2989_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

b01bcaf7e9b1483ee617b6239d02ee79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

IsEqualGUID

comctl32

_TrackMouseEvent

wininet

InternetSetOptionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 369KB - Virtual size: 948KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE