3a96416f69e9aafbf5978aecba2cd6ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a96416f69e9aafbf5978aecba2cd6ad_JaffaCakes118
Size

152KB
MD5

3a96416f69e9aafbf5978aecba2cd6ad
SHA1

df1dd1138fad56bd1184185f72650c73611c14d3
SHA256

cd15e70243640e116511679fbd588304b12aad8e763363d494470f1aa8511bdd
SHA512

16def41d6618cb4e8d443d594c3ad0274689a7ba2de96a11e911f9699889933e766f8853c8b24d481d4ab61a1b0838c3d51d6e415beba6db7abbd92f499f0cf4
SSDEEP

3072:IvMuE3aYA4nWtQi6TjinfZ/tVs90usQEr23gqHbzY68QBcnMg/aMlcquXXZ:UErGQiB2bEfq706bBcbaM6quXXZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a96416f69e9aafbf5978aecba2cd6ad_JaffaCakes118

Files

3a96416f69e9aafbf5978aecba2cd6ad_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

be0672654ec4643ebaa0b32d6239b333

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
GetProcAddress
LeaveCriticalSection

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

advapi32

RegEnumKeyA

shlwapi

StrRChrA

wininet

HttpOpenRequestA

user32

GetClassNameA

ole32

CoCreateInstance

oleaut32

SafeArrayCreateVector

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE