f09dd7bf2c18287c82cce63e7da843c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f09dd7bf2c18287c82cce63e7da843c5_JaffaCakes118
Size

152KB
MD5

f09dd7bf2c18287c82cce63e7da843c5
SHA1

c9a2b60a6ad3e61089f26941e8ed236e5cdbcff0
SHA256

b0f427fdf58ed305e1080c632d47aa19211060fea2709a6b52232ffd6a0de20c
SHA512

17c1cb9bde20be8f66351bf848894de2540fdc24d8fcfcdb8150ac440b5220e984f3850e5576e2dbaa41df8aef4a65c443575fa86e0dba4310dcd02c17f6a9fb
SSDEEP

3072:cFjksmNcg9jCGA8MHthJbSdJLnn/hH51b2wL/A/pkE9cfRFP/4/iXApd/a:c5Gag1CGAZHt7bSvn/NnaK/iGm/iOo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f09dd7bf2c18287c82cce63e7da843c5_JaffaCakes118

Files

f09dd7bf2c18287c82cce63e7da843c5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

be0672654ec4643ebaa0b32d6239b333

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryExA
GetProcAddress
LeaveCriticalSection

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

advapi32

RegEnumKeyA

shlwapi

StrRChrA

wininet

HttpOpenRequestA

user32

GetClassNameA

ole32

CoCreateInstance

oleaut32

SafeArrayCreateVector

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE