a98d130afb37a7bc41a35ac9d7b704de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a98d130afb37a7bc41a35ac9d7b704de_JaffaCakes118
Size

118KB
MD5

a98d130afb37a7bc41a35ac9d7b704de
SHA1

1128b9528c7cbe1a13429db0a7edb26a50c1833b
SHA256

6d8c6807749d84f825ed692befe900c09e89ff0cf0458a6f04e104b2e5ac1e29
SHA512

129cd731c5d914f27df939854b89954f0626f2f25f82b1acac91868e39a764685c5b2051e724b64fcf551d6fa0f3f72964037561372083abc27acc2abacc54d4
SSDEEP

3072:2VSA4U+er8v1wwlNt5AEyxhEKXvaLYIx+6b2gnQmX:2VGCSBNUEyxhEKfaL3xtb2XmX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a98d130afb37a7bc41a35ac9d7b704de_JaffaCakes118

Files

a98d130afb37a7bc41a35ac9d7b704de_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

21392eb9068d8b1650380b647bb49bde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegQueryValueExA

shlwapi

StrRChrA

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

user32

EnumThreadWindows

oleaut32

VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE