52c1a6cc8cd317fd7964b84efb9cd05b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52c1a6cc8cd317fd7964b84efb9cd05b_JaffaCakes118
Size

20KB
MD5

52c1a6cc8cd317fd7964b84efb9cd05b
SHA1

c2dbde604a0ea0424ee5a160ad7ab1950551a1c7
SHA256

11c099f8c9839cf04d5060847d2ac8769b0fac140fb6bf708e034988080d800b
SHA512

a0d69167c60a899fca053ad03a382f8e3067b864a4ac979ed8ed659d45ccc2449cefdfeda9139223618893d6915e493e8490a00f93b2a2fa38a31c43d5101f8d
SSDEEP

384:o7oScAVIPOnTvEkRBkE6i/n36qCWZ2RIFjukf4Oj:2VmOnTvEkb6rpO2RijVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c1a6cc8cd317fd7964b84efb9cd05b_JaffaCakes118

Files

52c1a6cc8cd317fd7964b84efb9cd05b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

8fdc0638b45e3fdd9db643a9b21029a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
lstrcmpiA
CloseHandle
VirtualProtect
GetModuleHandleA
lstrlenA
Sleep
GlobalAlloc
GetLastError
GlobalFree
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GetModuleFileNameA
GetTickCount
CreateMutexA
ExitThread
lstrcatA
CreateThread
DisableThreadLibraryCalls

user32

wsprintfA

wininet

HttpQueryInfoA
InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA

Exports

Exports

DllCanUnloadNow
DllRegisterServer

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ