d32f7cad5b1a6de6cfdf4154548f1cd1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d32f7cad5b1a6de6cfdf4154548f1cd1_JaffaCakes118
Size

5KB
MD5

d32f7cad5b1a6de6cfdf4154548f1cd1
SHA1

b5f7cff262a861c6d252f4605a56be10cc0bff6a
SHA256

62fb069b1da325bfdc5899e5d67d397b74fd4f3dd1a0d47e32e327fba286a09c
SHA512

0d693acc1e22fefb4ad718cfeb7219e6ed90f008476022fd693de16ce688db69dfa326475b836b02ded041e85d96121e061cbb7018c46033dd9c7c938413e186
SSDEEP

96:5Kw1yMmbfnGAvNDhHDeCXrm1okOIJWz0rXw+FKAGInSabp:5e6ItV/a7WQrxKAHSabp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d32f7cad5b1a6de6cfdf4154548f1cd1_JaffaCakes118

Files

d32f7cad5b1a6de6cfdf4154548f1cd1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

70b13f2a2791e0bdce29f750fa9ae5c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

kernel32

GetModuleFileNameA
GlobalAlloc
GlobalFree
CloseHandle
GetFileSize
WriteFile
CreateFileA
lstrcatA
GetTempPathA
Sleep
WideCharToMultiByte

user32

PostMessageA
IsWindow
GetAncestor

advapi32

RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey

shell32

ShellExecuteA

oleaut32

VariantInit
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ