74120b1f4f97d6d1ccb725db8053ee46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74120b1f4f97d6d1ccb725db8053ee46_JaffaCakes118
Size

118KB
MD5

74120b1f4f97d6d1ccb725db8053ee46
SHA1

c813aef6c2d7d4f546a2f79036655deaeea71521
SHA256

ab075dab7a1e2d0c1fba7c87702083e2a0e1f1624de1998de0d3dcf85bb227d2
SHA512

5f9cc097abef92f54b83ee6b0c69a804434cafb242a7efe79f76e4988e17637cc71664a761b1a10448465391d7865abc5f2ae95ebfea800d18d162f91fb591c4
SSDEEP

3072:tvtaw2ciOG6I6FPGTpms5lY/jtqRBIq0YUCYLvU/j2G7iD:BN2cD3IqPwN5lUgRBl08YL872F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74120b1f4f97d6d1ccb725db8053ee46_JaffaCakes118

Files

74120b1f4f97d6d1ccb725db8053ee46_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

21392eb9068d8b1650380b647bb49bde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegQueryValueExA

shlwapi

StrRChrA

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

user32

EnumThreadWindows

oleaut32

VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE