e01ccc00c47d7ccdb60e9218be9df8e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e01ccc00c47d7ccdb60e9218be9df8e6_JaffaCakes118
Size

119KB
MD5

e01ccc00c47d7ccdb60e9218be9df8e6
SHA1

2697b2e0440f3a1b9548e8cf97f08c90f315b29e
SHA256

1ba6fc284140431391740b9de73a834fe0c2083484c04b8f4555b6236d581e55
SHA512

fd8e1eae1221fb9afa62ad9566d291bdf443bf9a3522117b66311c329c1b99559f21da51a2c1fdee2c71818f0689be5bcb06b6a3aadcd8fecf833f92cc086f84
SSDEEP

1536:HwXXhhjD5F/astdXRLcWMocYI+CM5QErUkDqdnqFzAoX+8n2F1SZY4fBcUPbW:4p/nLhLcWdcV+C3EAv0F9n23UtcUa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e01ccc00c47d7ccdb60e9218be9df8e6_JaffaCakes118

Files

e01ccc00c47d7ccdb60e9218be9df8e6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

21392eb9068d8b1650380b647bb49bde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegQueryValueExA

shlwapi

StrRChrA

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

user32

EnumThreadWindows

oleaut32

VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE