748052e0b8294013c123e47f997b4163_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

748052e0b8294013c123e47f997b4163_JaffaCakes118
Size

104KB
MD5

748052e0b8294013c123e47f997b4163
SHA1

0ef5b79aa114b1b2a97f4a93490f023bd546d44d
SHA256

17877f85be92106606aea4007eba9ee8675210c464fb1b005b57da398457ea01
SHA512

3da0b99e518e0be99b802583202121e45a07081d506028ff8dc2a196cbff33cab63d6c4c5f1b0db207013bd993f2a5cdf2647b6299bf1784cee72c2857ae35c1
SSDEEP

3072:ODgcxOjDAHUwD9N7zRnZcsrNRP9ejB/V15tuQtH:ODgcxIurzRnZXDP8t/z5tuQZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
748052e0b8294013c123e47f997b4163_JaffaCakes118

Files

748052e0b8294013c123e47f997b4163_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dbe454b1e292824bbc9a12cc8a20b290

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
OpenEventA
LoadLibraryExA
GetProcAddress
LeaveCriticalSection

advapi32

RegCloseKey

ole32

IsEqualGUID

oleaut32

LoadTypeLib

shell32

SHGetMalloc

user32

SetTimer

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.itex
Size: 90KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE