462367e38583d043f10bc347305f2ca0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

462367e38583d043f10bc347305f2ca0_JaffaCakes118
Size

59KB
MD5

462367e38583d043f10bc347305f2ca0
SHA1

61c5ff9121ddc457239d4da10c481a3c6cfa9b23
SHA256

1783f3ecba57f4983b2d5a54d0995a543dab9e00c58b93635bbd541e467b70ba
SHA512

f38477c4c2bae8bf3dd46e29a64664e066ff8f2ff8d2c713eb17a1b8cb8c3e418fa2bd87d5e21b1a22232155cf5d0011bb912d97182319d12b61d8087beb483f
SSDEEP

768:8S+a/u6ha8Fl5KS9fJhlUn2rjeKRtiO12KpQcg51/q7dDyy7mqiz83taTD6k24iJ:caHhaaloeLQGePJZb0h57DUHX2w8Bj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
462367e38583d043f10bc347305f2ca0_JaffaCakes118

Files

462367e38583d043f10bc347305f2ca0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

3ba4399ee4bb8d2228dd70ffe7475381

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

gdi32

GetTextCharsetInfo

advapi32

OpenServiceW

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE