944fdfa38e683dc3d3f1ecb0caa6a4cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

944fdfa38e683dc3d3f1ecb0caa6a4cb_JaffaCakes118
Size

13KB
MD5

944fdfa38e683dc3d3f1ecb0caa6a4cb
SHA1

2dc9ac53d2b2012c779adf4693c2013027967ce7
SHA256

71351a293c5ec1aff3421dbb2cf5e982dd3e037868e158fd950f30cc6c5ee0e7
SHA512

374c5f413ca6dc468959eb78e43f94acf604e8f4a6d4d3adef4feb89a8ce768fa891b23ba865e75f8fd13e8d9b5e259d477153eaa06a89fc52aac1cea56ef389
SSDEEP

384:JNhaKroJ7EEU4aFr2/upghuR6YpHW9gHW:JNUKroGE+pqi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
944fdfa38e683dc3d3f1ecb0caa6a4cb_JaffaCakes118

Files

944fdfa38e683dc3d3f1ecb0caa6a4cb_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

5293d4cb9a2062df5a3dfc82621feb50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

ole32

CoTaskMemFree

user32

IsIconic

shell32

ord18

shlwapi

ord215

browseui

ord123

oleaut32

SysFreeString

shdocvw

ord153

urlmon

CreateIUriBuilder

wininet

InternetCrackUrlW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE