3e7dbfa4bb72a11979b0592bb5e5f287_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e7dbfa4bb72a11979b0592bb5e5f287_JaffaCakes118
Size

121KB
MD5

3e7dbfa4bb72a11979b0592bb5e5f287
SHA1

d17fbc04df4fc29e01fe58435322b27e37751bf8
SHA256

69d11653a3d6c278dc2221186bb36de74a0f9c15ceba20c3a170188f76c1c8ae
SHA512

21d73c619f787608eea189ef6db152e778ce705550f9ea2d23fea04a99506c8547cc85f0322a9716937004f41d5f0e66276e8e22074a4eaf3775f4cdf88068b5
SSDEEP

3072:ro99wih5lLoxlVJ/kEQvbN9ZBl5ee7Wmpu8F62Dzxgvb:sn/NkXVJ/C59ZZeebJ93xgz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7dbfa4bb72a11979b0592bb5e5f287_JaffaCakes118

Files

3e7dbfa4bb72a11979b0592bb5e5f287_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

21392eb9068d8b1650380b647bb49bde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegQueryValueExA

shlwapi

StrRChrA

urlmon

URLDownloadToCacheFileA

rpcrt4

RpcStringFreeA

user32

EnumThreadWindows

oleaut32

VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE