ace827981e1e1e49663d255e5515106e_JaffaCakes118 | Triage

Sharing

General

Target

ace827981e1e1e49663d255e5515106e_JaffaCakes118
Size

17KB
MD5

ace827981e1e1e49663d255e5515106e
SHA1

97b623c404dca04aaa5621cdac1bd7c79f981873
SHA256

d678662597a62d0bf9251b6d8bcba19feb9cdcf246b6b655da9c8909bb39f02f
SHA512

5fbbe30f189e6473eecdb5e439be526cb9df271f99d56dcbcc3eaadb42370c87e72d71a290b005f0a9cc68b8b1ab27ef41ac73e031d6515f65a32bb0a30be6bb
SSDEEP

384:nLcGYUfgPGO5wLvK7ZSKOux+qedmyNpp:LRfguO5wL/K1+qFyNpp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ace827981e1e1e49663d255e5515106e_JaffaCakes118

Files

ace827981e1e1e49663d255e5515106e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

042374f5bf3104a5d0b38b5ac2a4ef38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathAppendW
StrStrIW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString

ole32

CoInitializeEx

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW

shell32

SHGetFolderPathW

kernel32

CreateFileW
WriteFile
GetProcessHeap
MultiByteToWideChar
LoadLibraryW
GetSystemTime
GetModuleFileNameW
GetProcAddress
HeapFree
SystemTimeToFileTime
HeapAlloc
CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ