0dd3c3a5907862e519e00c1efd3d9c62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dd3c3a5907862e519e00c1efd3d9c62_JaffaCakes118
Size

414KB
MD5

0dd3c3a5907862e519e00c1efd3d9c62
SHA1

37414d46542f3f86cfe0e52b4edb9805f8eaf8b9
SHA256

cf5e0f43816da9eb467c03e1f7cc76fcd91306e3292493779ae1068b32c8de91
SHA512

4cadf31460985a58ab85bec24ba07379a0818450f5b9baa181c00c21029cd8e65bb56589516a9c7edb0c31a5a5b5fa921fe4153227980ebc2ca0625bb71c3f30
SSDEEP

12288:Xa54OwJ+SRJ9VKjl90DrX8C8IMjdjiBrVAN:qufJ+SH4l90vX38IGOa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dd3c3a5907862e519e00c1efd3d9c62_JaffaCakes118

Files

0dd3c3a5907862e519e00c1efd3d9c62_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9f5930fb47e0d6c63737861f7c9053ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegSetValueExA

shell32

ShellExecuteA

oleaut32

SafeArrayUnaccessData

wininet

InternetOpenUrlA

ws2_32

inet_ntoa

rpcrt4

UuidCreate

atl

ord15

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE