d98c4cced467db1ed72c5b9c100a9705_JaffaCakes118 | Triage

Sharing

General

Target

d98c4cced467db1ed72c5b9c100a9705_JaffaCakes118
Size

134KB
MD5

d98c4cced467db1ed72c5b9c100a9705
SHA1

b5c455e17bff9739df1bef3370bf3f38eda22c31
SHA256

ad5e7d458aad53f908c2d19c7941cede961b1cda62efdb201bb2296a32413420
SHA512

d0d792ac3e131f08b5d23d27580463b358183c7ce1e9fa7eaa7c3326060f9c70bd56c3b1ba105ae18d16a99f7e479ed3810badc414fba0cf41a115e0ba9575c3
SSDEEP

3072:ggXE+FFe5ZKT31ReN2vUanNoYaP7Wd0zqKMMiU1m9:gc5Fe501RYZaYP7q0zqKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d98c4cced467db1ed72c5b9c100a9705_JaffaCakes118

Files

d98c4cced467db1ed72c5b9c100a9705_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ff8fc180a4e698927b5d7413de647d23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen

advapi32

CloseServiceHandle
ControlService
CreateServiceA
DeleteService
InitializeSecurityDescriptor
OpenProcessToken
OpenServiceA
SetSecurityDescriptorDacl
AdjustTokenPrivileges

ole32

WriteClassStm
ReadClassStg
OleSaveToStream
OleInitialize
OleDuplicateData
CreateOleAdviseHolder
CoGetMalloc
CoRegisterMessageFilter
CoRegisterClassObject
CreateDataAdviseHolder

kernel32

lstrcmpiA
lstrcatA
WriteFile
TlsSetValue
SleepEx
Sleep
SetEndOfFile
RtlUnwind
OpenFileMappingA
GetModuleHandleA
GetLastError
GetDateFormatA
EnumResourceTypesA
EnumResourceLanguagesW
TlsGetValue

Exports

Exports

Dqa
Eny
Hgo
Jal
Kdy
Knd
Lgn
Llg
Mmx
Res
Vrt
Ygp
Zmu

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ