3b96743e3151c508339eb1a70cece254_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b96743e3151c508339eb1a70cece254_JaffaCakes118
Size

35KB
MD5

3b96743e3151c508339eb1a70cece254
SHA1

631987741a58a9f29172773526589df74e2d2791
SHA256

5e3a398fb6cca94732d61df455971ff689937564b3c66fecac544a61c3059fcb
SHA512

1caace540454e80e693e96187115bc84db24568480ceefd4e104ccfc347dd9abd857eb307751dd9f9326ddb1ca048a3f51d0ccfdd32330f0a854d05bbee901b6
SSDEEP

768:QPIddQ9IaLBd+uHbpwtvPzanYyFqn0aFYWVj:XddQ9INGwtTaY4qLVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b96743e3151c508339eb1a70cece254_JaffaCakes118

Files

3b96743e3151c508339eb1a70cece254_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

60d77b8c7bbc237d582ba7bb5abd5cd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

UpdateWindow

shell32

ShellExecuteA

oleaut32

VariantCopy

wininet

InternetReadFile

winmm

timeGetTime

atl

ord58

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE