07db078f74db76a75511ab140316ce3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07db078f74db76a75511ab140316ce3f_JaffaCakes118
Size

409KB
MD5

07db078f74db76a75511ab140316ce3f
SHA1

2dad0d394cbc865f0758d7fff42c6d77b68e852d
SHA256

266f683b42ff10b2eec22e962548a6038b89a4b9c8fb09fe351c10b70731c7ee
SHA512

ef0986ed1d4fbdb404047d4f2e74ba6517a70493e69973241c101a2ef06bcaaaf293eb94bc357670984a8e16ba29d44a832316134ffaa69c1d4e62a1cbd9d303
SSDEEP

6144:6U69/nJ60oZQ3I16WPaSmJrv51KQP5DPU8Kp7Aw8nlOJJ99IG0Gs+CNC:6UI/fYd6RZbKiDMFp7TylOJL9exY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07db078f74db76a75511ab140316ce3f_JaffaCakes118

Files

07db078f74db76a75511ab140316ce3f_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

bfac1184cb3a165b0ce40984d578c836

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

urlmon

URLDownloadToFileA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 397KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE