fe0c59466fada1ab7e86350305abe746_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe0c59466fada1ab7e86350305abe746_JaffaCakes118
Size

152KB
MD5

fe0c59466fada1ab7e86350305abe746
SHA1

7ad35c74e40c097c94c2b63eaeb90997a081b548
SHA256

c329929649ebe16d3c9e0d00084ba78b1fbae3464e890dc57dec24f95701b05a
SHA512

36752f0c58e14fa75372a53a7f6df36b4c53ff695b66b1ad702d310e6e420372589eaf66ad7c14bc87fe7d7076544a61757696053d2537549d7280f716ce6044
SSDEEP

3072:IvMuE3aYA4nWtQi6TjinfZ/tVs90usQEr23gqHbzY68QBcnMg/aMlcquXX:UErGQiB2bEfq706bBcbaM6quXX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe0c59466fada1ab7e86350305abe746_JaffaCakes118

Files

fe0c59466fada1ab7e86350305abe746_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

be0672654ec4643ebaa0b32d6239b333

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
GetProcAddress
LeaveCriticalSection

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

advapi32

RegEnumKeyA

shlwapi

StrRChrA

wininet

HttpOpenRequestA

user32

GetClassNameA

ole32

CoCreateInstance

oleaut32

SafeArrayCreateVector

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE