03456de4e2f260e1b45b41500f0c520e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03456de4e2f260e1b45b41500f0c520e_JaffaCakes118
Size

80KB
MD5

03456de4e2f260e1b45b41500f0c520e
SHA1

2fec2b8e6a946a48eedfaf1c4e5b3aa367f81878
SHA256

ae2342fc5ab95d63a694d300af7975a18b5851acc97ca3ceba5534f30db2ca96
SHA512

327961d169bc593a40e546e2294cd38e1abe29016b1854f7bd22ddb8699d98d44a7ccb4818c26afc005bd89b5cbd2ce72f9997b6c4396fcd3dcf3024e1d9ff7f
SSDEEP

1536:XQgD+ZhiW2Oir4Fanf6fufIb8H0PGz1QWEA17fKXbE9deKzK6kEk:AA+v10a+2bfPIQWh7fKrqkKzy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03456de4e2f260e1b45b41500f0c520e_JaffaCakes118

Files

03456de4e2f260e1b45b41500f0c520e_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

4fded73d04ea753012132e641ec58052

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

RegCloseKey

shell32

SHGetFileInfoA

ole32

CoTaskMemAlloc

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE