dcecae4f1f487b890dea9f51c1c051f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcecae4f1f487b890dea9f51c1c051f4_JaffaCakes118
Size

13KB
MD5

dcecae4f1f487b890dea9f51c1c051f4
SHA1

a51b887c11426e579bf82674d8824366702a465d
SHA256

6d5b0e406ef91b70d938af89f74bae5898f3282125d667f25ff6994b1c009a5a
SHA512

6e3762e1aaf1ab55981991b48bbcf2353b21965a46857fff8e5941976e79c64978dad0c05ff00cf7cc46585ed2394066f85b15ba338e0dc2fa1b659abdeec830
SSDEEP

192:TbGgV2uspBzBURGb4Bt9icdnIHbhA82lFbGnUU2AU1:/rVEpBzBU405icdOAnlxnUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcecae4f1f487b890dea9f51c1c051f4_JaffaCakes118

Files

dcecae4f1f487b890dea9f51c1c051f4_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

7a0e342fa3c5f85c7b22d6a935ac33da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathAppendW
StrStrIW

oleaut32

SysFreeString
SysAllocStringLen
VariantInit
SysAllocString

ole32

CoInitializeEx

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW

shell32

SHGetFolderPathW

kernel32

MultiByteToWideChar
CreateFileW
WriteFile
CloseHandle
ReadFile
LoadLibraryW
GetModuleFileNameW
GetProcAddress
GetProcessHeap
HeapFree
SystemTimeToFileTime
HeapAlloc
GetSystemTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ