06f4ae99ca3b7a21ae932e57e3bc1fd8_JaffaCakes118 | Triage

Sharing

General

Target

06f4ae99ca3b7a21ae932e57e3bc1fd8_JaffaCakes118
Size

17KB
MD5

06f4ae99ca3b7a21ae932e57e3bc1fd8
SHA1

8bf35f1c1b5fefc3de564a0deeb120650695a789
SHA256

7f8b239a18f505fccd0c65e5ce524de58cdbb81a8a06fba69cf3c0d07961dae4
SHA512

c8117fbe97cbd77d0afe117dfdb383b06e0506aa03087cbefd28bd5b05a4f993d445d36675ba43116c2e2eaf042c23724ee44cbd5aa74ec4c388d702596065ca
SSDEEP

192:lfz+l1k4JQMYE/nqleX3uDnF0YlqNMSiZrHvRIj6pRmXSUusNpXhWAoCIzW+7awP:SKMTnQF0YlqOhHmjmReNfC2W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f4ae99ca3b7a21ae932e57e3bc1fd8_JaffaCakes118

Files

06f4ae99ca3b7a21ae932e57e3bc1fd8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

61e5c92ad2d0118f34509148e7b07907

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wininet

InternetCrackUrlA

ws2_32

recv

msvcrt

wcscmp

atl

ord30

user32

IsWindow

oleaut32

SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE