dcbbc0fbb83a3f2a60f3206260fdfb9f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcbbc0fbb83a3f2a60f3206260fdfb9f_JaffaCakes118
Size

57KB
MD5

dcbbc0fbb83a3f2a60f3206260fdfb9f
SHA1

f32ea9bf2b59bdcbc264c56fbbadaf8b3b5f5674
SHA256

eaf887203e3c2c97a622d597e48d72813e2cf91db804b3123ee0dfd5cf196f1b
SHA512

60e443075495d84651d7af316ae0701b6b0a743e9155a4928d0d696a1d2b39e5d5a38072bc145d11fd993937f79913c13f099c5b17e079922f0719def1e2236c
SSDEEP

1536:hsRkiRyvT7uw+lzphwRhKJAtKNREou8EI05+Hcgb:h6YT7t6A7KWoNRER8EIbHt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcbbc0fbb83a3f2a60f3206260fdfb9f_JaffaCakes118

Files

dcbbc0fbb83a3f2a60f3206260fdfb9f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

17fb36961b40ffaa3c0c14cbb9ff3fe0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mfc71

ord584

msvcr71

??1type_info@@UAE@XZ

user32

GetProcessWindowStation

gdi32

CreateCompatibleDC

advapi32

RegDeleteValueA

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

ole32

CoInitialize

oleaut32

SafeArrayUnaccessData

ws2_32

WSAStartup

wininet

HttpSendRequestA

iphlpapi

GetAdaptersInfo

rpcrt4

UuidFromStringW

Exports

Exports

DllRegisterClass
DllUnregisterClass
ServiceMain

Sections

.text
Size: 50KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE