431fc428534a1d1f8de95d01aed0a8e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

431fc428534a1d1f8de95d01aed0a8e1_JaffaCakes118
Size

36KB
MD5

431fc428534a1d1f8de95d01aed0a8e1
SHA1

34c94cb87cb2ab6a9653633051f9eb4caf2196fb
SHA256

8993d5fbf7dd76f4ad1cd4b90396b5dd23c7f9837963d2da2692fe124b959bc9
SHA512

60ea6270e5328f1d923ddf867a24f083e064afac6cc76285a819d22945d26881fcc104fdee98569923a39711f8b7f501e5369cc0da4fec83cb4648bef2a01c2d
SSDEEP

384:KPIjqvZP7sTBYfCx4Wlhjtw1O6TLFxbxe+PGXrkOwJ:KgjqvFsTOfK4Kh2O6TLfbxe+PGXrkO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431fc428534a1d1f8de95d01aed0a8e1_JaffaCakes118

Files

431fc428534a1d1f8de95d01aed0a8e1_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

07494c21739d4fcb40b95248661bbf70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
DeleteFileA
InterlockedIncrement
GetSystemDirectoryA
GetWindowsDirectoryA
GetLocalTime
GetModuleFileNameA
CloseHandle
LoadLibraryA

user32

CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
CallNextHookEx
KillTimer
SetTimer
UnhookWindowsHookEx
FindWindowExA
PostMessageA
DefWindowProcA
RegisterClassExA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

msvcrt

_initterm
free
strrchr
_access
strstr
strchr
fopen
_stricmp
malloc
_adjust_fdiv
_strlwr
sprintf
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
fclose
fwrite

Exports

Exports

DllRegisterServer
DllUnregisterServer
bTqTaTfLJg
odrF
qJTB

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ