2a66af0298731bf4260a4fc93e066428_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a66af0298731bf4260a4fc93e066428_JaffaCakes118
Size

107KB
MD5

2a66af0298731bf4260a4fc93e066428
SHA1

018059ee9dbb331de213f4d1a9b28b6a23d588a0
SHA256

1c8ea0721edcea0c96a6a6a77c8dfbcdf221d1114514868ff2b3ea9f6106b30d
SHA512

b378db555bc62982fee808c1420693104bb1c86fd457a3eda19afba27199ad16b82a52cf21581703608e82ccf8f553de6fe230900d47c6e73206ab64210c80a2
SSDEEP

1536:caHhaaloeLQGePJZb0h570mHSlPdlCcBtA5ClpNzxgrFdnMeH9GtfEwXxrRxzhSn:aIoeLQGexZvwS5BtAQcrYeH9SBRR9cfv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a66af0298731bf4260a4fc93e066428_JaffaCakes118

Files

2a66af0298731bf4260a4fc93e066428_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3ba4399ee4bb8d2228dd70ffe7475381

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

gdi32

GetTextCharsetInfo

advapi32

OpenServiceW

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE