3f2096b9a7c29c77fd19a12ffff9cff4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f2096b9a7c29c77fd19a12ffff9cff4_JaffaCakes118
Size

12KB
MD5

3f2096b9a7c29c77fd19a12ffff9cff4
SHA1

1267e057f646f9c30cc3a62e1861aad7e279a2c4
SHA256

f5a70321b1f793a2d0949152265f8f83551bbd5f0ff0c80db7827cd5e2a21c76
SHA512

09778b9f9c81ddbd15188988c2bdcda6e22cde4e64119ed0a3d98a11c4b627fb8ddbea48978b71972a7f5c87f2af78feac8de1faf9865e4ffdf99f0d5d28cc47
SSDEEP

192:VhYV08xs+U6iCT92e7OWFiVR/hH9G9p0x/ew7gwrMh8SnTrCZwIeAsRFjjUvAsRO:xz6PT92e7OWFQHQ2bgwwh8mCZzKFeF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f2096b9a7c29c77fd19a12ffff9cff4_JaffaCakes118

Files

3f2096b9a7c29c77fd19a12ffff9cff4_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

279d49e05d1be86517601fdb5851a9f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
CreateThread
CreateEventA
OpenEventA
lstrlenW
InterlockedDecrement
HeapAlloc
GetStringTypeExA
InterlockedIncrement
GetVersionExA
VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualProtect
lstrcmpA
IsBadReadPtr
GetProcessHeap
HeapFree
Sleep
GetThreadLocale
GetModuleFileNameA

user32

CharNextA
wvsprintfA
CharLowerA
LoadStringA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

ole32

CoCreateGuid

wininet

HttpSendRequestA
InternetCanonicalizeUrlA
InternetGetConnectedState
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 465B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ