a2915820020b344292dc0993ab8fc86c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2915820020b344292dc0993ab8fc86c_JaffaCakes118
Size

39KB
MD5

a2915820020b344292dc0993ab8fc86c
SHA1

c841a229b1718a09d76dae460980b88346c40ce2
SHA256

46be1de6a7350c1042d2646c0d612bf4977df1e79be0f7105ab5bc65d05cb70d
SHA512

98b6889e037d80daab6d97e8e5ccf2fc2f6e4d8af0f70256cf3df4c596d9fe11d82059ee2e74b4a54ce8e278abcf2fca380efe15379aa999c51979b9a65ca63a
SSDEEP

768:TIVgJ/VcxdtAbiTN+JfyDdNfsVrtU9OKqiREPOClYKJBj7D5D:TI2gxdqQNbZyixqiREP/YW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2915820020b344292dc0993ab8fc86c_JaffaCakes118

Files

a2915820020b344292dc0993ab8fc86c_JaffaCakes118
.dll regsvr32 windows:1 windows x86 arch:x86

0d97ffa913750d56b3405f375ede5fa2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

gdi32

BitBlt

ole32

CoCreateGuid

oleaut32

LoadTypeLib

user32

GetDC

wsock32

bind

urlmon

URLDownloadToFileA

shlwapi

UrlIsA

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.data
Size: 33KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE