7379d2c833403d1f75f20cb10c5d3290_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7379d2c833403d1f75f20cb10c5d3290_JaffaCakes118
Size

155KB
MD5

7379d2c833403d1f75f20cb10c5d3290
SHA1

395c47dbf71a9c23c1469366d5179e8f575ac0e8
SHA256

e8f9537a85a127615bb3752648b8fde75a6eb82ae8a7f7fa42ef545462828cd1
SHA512

9b9f610ed143f40dd5d2d36fb0d1fa4975d673fa7fad8667b76bd6545b60fa08ff4a380c83317043e0f402aad7979c051e97e58a7b89bc2d255d7a49f5a08c4c
SSDEEP

3072:xzp82CdLeDYYg4xzudoEBoRm7hphjcjdNIj2jB6PQyayEYiwQFwJ9X:xzWh1eDYYgu2oCom7hphwj9l6F2DRq9X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7379d2c833403d1f75f20cb10c5d3290_JaffaCakes118

Files

7379d2c833403d1f75f20cb10c5d3290_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7553eacac4bd3969b546e50e76393a8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

gdi32

GetTextCharsetInfo

advapi32

CloseServiceHandle

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE