0bdadcdd9cd763fce9ccfd88927a6369_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bdadcdd9cd763fce9ccfd88927a6369_JaffaCakes118
Size

179KB
MD5

0bdadcdd9cd763fce9ccfd88927a6369
SHA1

b81b55f1936cdb40a9319b7955c17c6681395578
SHA256

3c23e82bf2d58f33b7b4dc12909e6d50c63659e603066e7d4b69d468f5d2b155
SHA512

eba5faa80560cd4650d71955cca819592d70baa36c1032935bd6a2d540776bbbc2787e6be4e1fbbbde872d1f11148c1cbac4279e2440abdff1a4b86d6319f699
SSDEEP

3072:N+n5G0DyKCZzKy0yWWA3xoK7F7JLHXEZPYQXAGcHORjxrVDubimPhA6U7yfctuQ:N+n5V/CZp0IGaKXEZPYQyu/QimPhLEtp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bdadcdd9cd763fce9ccfd88927a6369_JaffaCakes118

Files

0bdadcdd9cd763fce9ccfd88927a6369_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

55927bf4d38d2b520ce7510859dcc740

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

RegQueryInfoKeyA

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 45KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE