dc47ab317de2b618695cf774f1d32925_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc47ab317de2b618695cf774f1d32925_JaffaCakes118
Size

94KB
MD5

dc47ab317de2b618695cf774f1d32925
SHA1

d91763128e8519cc5ae3916e44f048160bac44dd
SHA256

1a569fa08a8b8aa94ea3015a99c4c101d0adee2fea2de3efffb3d1daac91202e
SHA512

c5d77e3012286e3c8a8388ea3fe1a5c67e42e322d31ac8f180d4c6c09a9a8f31af0e449506af85524cd8273b946691f085620ab4f37d7076619dd0a8e00219bd
SSDEEP

1536:PLwpx/yiRXt42ya2383NRYithqMKWAYUJyshxNQjFXzEHXlidTeJjG2lEFy5+817:PLwpZyyXt42038TxtCYUlhxsXz2X0dU/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc47ab317de2b618695cf774f1d32925_JaffaCakes118

Files

dc47ab317de2b618695cf774f1d32925_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

421aa51535777bccdf761a57812f9801

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

ole32

CoTaskMemFree

shell32

ShellExecuteA

wininet

InternetOpenUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 67KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE