0fde5164c3e709b5c5edeaaae75c91d7_JaffaCakes118 | Triage

Sharing

General

Target

0fde5164c3e709b5c5edeaaae75c91d7_JaffaCakes118
Size

413KB
MD5

0fde5164c3e709b5c5edeaaae75c91d7
SHA1

b4e9e6da5a8f715b75dc3df5e891aa30de6093b5
SHA256

73ef54fbadee3819dbe89e6248f824a904f1c4e7439b2da4558e7d865f8c0c43
SHA512

fce23b7471bc8f8aca829d5d4beee7d3308e99225ddd9fc86413fb674d9f46d52ed810af06fa82726f2fead4cc52abe427c97074de2e5a4c4e733bf9cb34861d
SSDEEP

12288:5aEDuBlzbwVvtZnyx1IMdo4e3dhHmdh5PxW3JsiavXQ:IEMlzbKwk6+J6h5Pk3eiiXQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fde5164c3e709b5c5edeaaae75c91d7_JaffaCakes118

Files

0fde5164c3e709b5c5edeaaae75c91d7_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9f5930fb47e0d6c63737861f7c9053ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegSetValueExA

shell32

ShellExecuteA

oleaut32

SafeArrayUnaccessData

wininet

InternetOpenUrlA

ws2_32

inet_ntoa

rpcrt4

UuidCreate

atl

ord15

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 411KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE