3ec71ef02a97b088bb3ea3fa74523323_JaffaCakes118 | Triage

Sharing

General

Target

3ec71ef02a97b088bb3ea3fa74523323_JaffaCakes118
Size

117KB
MD5

3ec71ef02a97b088bb3ea3fa74523323
SHA1

39998c3ea071cf31d3308b673c8a4358c17b3a97
SHA256

ea2a47ce619d892488c910b21380b3f20867528aa5ba1707633a53cc78ddca3b
SHA512

be9ade5bc83788679c3df10d7096d21f5d12de43ec6739ae0120d14e6eb3e89afbbbb5040d135522c4d5de18804e46c4384ae3f3f3efa6366f1c43a594935777
SSDEEP

1536:TPJIjzTXr1Fe6QTXPdBRLLBPLlM6NsGUCuHa6rEKnDY/r0fzAMxEfJr5Ym4s8SIs:T4MTFPL5m6NG/rjDYg7Ohum38tT+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ec71ef02a97b088bb3ea3fa74523323_JaffaCakes118

Files

3ec71ef02a97b088bb3ea3fa74523323_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

5b4632812e611510111bf2b82a25ce44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
GetProcAddress
LeaveCriticalSection

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

advapi32

RegSetValueExA

shlwapi

StrRChrA

user32

GetParent

oleaut32

VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE