4c40a09c46a3ab61a81d9c33b9d8890a_JaffaCakes118 | Triage

Sharing

General

Target

4c40a09c46a3ab61a81d9c33b9d8890a_JaffaCakes118
Size

151KB
MD5

4c40a09c46a3ab61a81d9c33b9d8890a
SHA1

7ab3b445d1cc829f74ea443af5c96073ec6f3b2b
SHA256

50c4da11e27d08688032fb1ead438c3660ccc78075f5dc0a4716809c7b4db0a2
SHA512

28b7d33e1f1fd57685dd50756f6adb998a30a7ec4dd9d9dc9bbd12085fc3b6056f574831c66dd96fa2dd055c2e6eb1997b08e8d851df0c28a2055cd7aacb51b9
SSDEEP

3072:e61fBZZlujgqIhP/rVmdqLZaNfZ/VkF/kmp2ZI:XxBrlkg9P/JmdqefJVk3YZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c40a09c46a3ab61a81d9c33b9d8890a_JaffaCakes118

Files

4c40a09c46a3ab61a81d9c33b9d8890a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

be0672654ec4643ebaa0b32d6239b333

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryExA
GetProcAddress
LeaveCriticalSection

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

advapi32

RegEnumKeyA

shlwapi

StrRChrA

wininet

HttpOpenRequestA

user32

GetClassNameA

ole32

CoCreateInstance

oleaut32

SafeArrayCreateVector

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE