7726dd8f9832150d57f7e3d597ac0474_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7726dd8f9832150d57f7e3d597ac0474_JaffaCakes118
Size

19KB
MD5

7726dd8f9832150d57f7e3d597ac0474
SHA1

121a61277d35d3756f54106e6338fb92b6ebebc9
SHA256

98617636813c254d034f7c514926390d0283f4f2d080e470cbc22f7b7a2f81c0
SHA512

457de5c83cd4042e18daf8f951c17ff8a9c2cb1c6ddc9df2c4961f69a788a407072f77571310fd57e7dc4659541b3f0c0850ee17cd24f86b53afcc313a26df13
SSDEEP

384:qZPHIWnEDxc9m8N7UMPGVZf0JaKJyJGVWY:YoWnCgm8NA+GVZf0gKUJAp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7726dd8f9832150d57f7e3d597ac0474_JaffaCakes118

Files

7726dd8f9832150d57f7e3d597ac0474_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

5e8e8a91384a6f922fb129b922d40cfa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIW
PathAppendW
StrStrW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString

ole32

CoInitializeEx

advapi32

RegCloseKey
RegCreateKeyExW

shell32

SHGetFolderPathW

kernel32

GetProcAddress
LoadLibraryW
WriteFile
SystemTimeToFileTime
CloseHandle
GetProcessHeap
CreateFileW
GetModuleFileNameW
GetSystemTime
MultiByteToWideChar
HeapFree
HeapAlloc
ReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ