a7efb13a4e03472c1c956d05f8776a13_JaffaCakes118 | Triage

Sharing

General

Target

a7efb13a4e03472c1c956d05f8776a13_JaffaCakes118
Size

113KB
MD5

a7efb13a4e03472c1c956d05f8776a13
SHA1

ed2f46030ffa31b1a1c9e5ade0be1bd3a124ade1
SHA256

38de1254f22d2926178fd7ea7fe87412d658ef6cbf9d8a0504e983e4fa6efd3c
SHA512

f9ef4353984f8c3fb776ba39997bff05e7b00edf424b2f0405393f0930c702389446baea28d8d6108d5688ab952d28d5fbe5216fc11a7cb3d700c8e616592df8
SSDEEP

3072:EjYRbnGjq3ru17uOjMaVif35zx3UlsVx4Pt7:ZGjqbKuOPSJzx3UOVGP1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7efb13a4e03472c1c956d05f8776a13_JaffaCakes118

Files

a7efb13a4e03472c1c956d05f8776a13_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dbe454b1e292824bbc9a12cc8a20b290

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary
OpenEventA
LoadLibraryExA
GetProcAddress
LeaveCriticalSection

advapi32

RegCloseKey

ole32

IsEqualGUID

oleaut32

LoadTypeLib

shell32

SHGetMalloc

user32

SetTimer

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.itex
Size: 89KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE