82261c4ef463e1dc89f5081f18f46b6a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82261c4ef463e1dc89f5081f18f46b6a_JaffaCakes118
Size

86KB
MD5

82261c4ef463e1dc89f5081f18f46b6a
SHA1

3e7befd3fb7e7763df8fe4ddbd29f497b58ab3ac
SHA256

897ad4c6f7acc352abd1cc3b764648af29f00256eed5ecb5c0ce454068b8f9e2
SHA512

989eda57f3536fcb41b956e60262e071ed9370fa9d4500cb558cb58c71ece975d399e33d9c91d938b158106486693572686f61e1522cb78506632f780a638b7f
SSDEEP

1536:UsHe65wZCvUItayfkGe9ThkUFIDv3vmPjflgfR8G8Hv6UJcJo9YR5:USF5kUUInSxhurOPjaJ98HaoaR5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82261c4ef463e1dc89f5081f18f46b6a_JaffaCakes118

Files

82261c4ef463e1dc89f5081f18f46b6a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

52d9e0b5791b5af0755033182fd80f4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

RegDeleteKeyA

shell32

SHGetFileInfoA

ole32

CoTaskMemAlloc

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 53KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE