0b55bfca609f4bfd21ba706cb4a85091_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b55bfca609f4bfd21ba706cb4a85091_JaffaCakes118
Size

15KB
MD5

0b55bfca609f4bfd21ba706cb4a85091
SHA1

1d99436b4ccc8abc66e3d6055520b72644f81729
SHA256

fd26678f5645a4959393b48e4ed15b0851e2cc548c0f204c48af086764c006ae
SHA512

42877168aaf2d610cf263fd44dc7521e366a767638023d7d9849e8df124a19df8f9bcdd32aca14c1e242baf0637a4d6d326954cbf8eda6fe9f07209044cba026
SSDEEP

192:mKMyURHUMrR45dF/CnSiPtfu6pXtc6OOYsCxoqwMrwiS+qwdnhRbaojyUNmA:cyGHUQO/kWEa6OOYboZiS+qwd62N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b55bfca609f4bfd21ba706cb4a85091_JaffaCakes118

Files

0b55bfca609f4bfd21ba706cb4a85091_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

042374f5bf3104a5d0b38b5ac2a4ef38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathAppendW
StrStrIW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString

ole32

CoInitializeEx

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW

shell32

SHGetFolderPathW

kernel32

CreateFileW
WriteFile
GetProcessHeap
MultiByteToWideChar
LoadLibraryW
GetSystemTime
GetModuleFileNameW
GetProcAddress
HeapFree
SystemTimeToFileTime
HeapAlloc
CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ