6fabb20de45156342915ebf6d9f59233_JaffaCakes118 | Triage

Sharing

General

Target

6fabb20de45156342915ebf6d9f59233_JaffaCakes118
Size

106KB
MD5

6fabb20de45156342915ebf6d9f59233
SHA1

b2b5f280daeccd114b36166e82f451f71b51f9dc
SHA256

9c428a5046c2719f62fda74f669e2d11cbf7b9acfdf9d0c046145494dab9c8e0
SHA512

7e8b8e7a3794df9502cbcd1604a28d18a81142c56ecd997edba2ada69f18af62a4340629a56883086875ec3f834011a301592f1b8f6fcf19f1f30837e142fd13
SSDEEP

3072:ODgcxOjDAHUwD9N7zRnZcsrNRP9ejB/V15tPI5qsw:ODgcxIurzRnZXDP8t/z5tgHw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fabb20de45156342915ebf6d9f59233_JaffaCakes118

Files

6fabb20de45156342915ebf6d9f59233_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dbe454b1e292824bbc9a12cc8a20b290

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenEventA
LoadLibraryExA
GetProcAddress
LeaveCriticalSection

advapi32

RegCloseKey

ole32

IsEqualGUID

oleaut32

LoadTypeLib

shell32

SHGetMalloc

user32

SetTimer

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.itex
Size: 90KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE