b66df672f3bb72d44762f1c4e163f84b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b66df672f3bb72d44762f1c4e163f84b_JaffaCakes118
Size

12KB
MD5

b66df672f3bb72d44762f1c4e163f84b
SHA1

fc174fabb3e3326f2fc6454043044be43af56399
SHA256

c851c8c9c077e3d265731a2bd956b7d364d14fedaacec9b64d3a9b352ebac146
SHA512

46205c2178a2bf6573bb6b8d2797c489b9c27e5721d91100738ff564f29d13d31c0f1541e0557b7ab96daf5077ae8586128a0f1d8b7f41b040900a685f8646d6
SSDEEP

192:/RHUMrR45dF/CnSiPtfu6pXtc6OOYsCxoqwMrwig+Wq/ASj:pHUQO/kWEa6OOYboZig+BN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b66df672f3bb72d44762f1c4e163f84b_JaffaCakes118

Files

b66df672f3bb72d44762f1c4e163f84b_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

f0cd8d9e8f3a2b16dd2e163781225b61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrStrIW

kernel32

GetModuleFileNameW
GetProcAddress
LoadLibraryW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ