42a367375f45781534bd709bbb2ac2ea_JaffaCakes118 | Triage

Sharing

General

Target

42a367375f45781534bd709bbb2ac2ea_JaffaCakes118
Size

68KB
MD5

42a367375f45781534bd709bbb2ac2ea
SHA1

e3d2f3c21c8bda8525a9a636b30d09e55c586d87
SHA256

9b3f1fc61bd7d917f93d430f29b509339301f235accac84ede7720dae6a27fb4
SHA512

59bfdb3b196581c6264d8f431d220f363231a3e109a05c13caa3064c7100a924c1fd88f92bf88fcdf66bbcccde95d093a389eec8b64957a954efe462aef853fd
SSDEEP

1536:2a8gozIs+kX+Rfiu/ZHCoAUK/i7l7X0R72ysOIRDqoweTXS:2a8goukYqoAUgsl7XM78jDq4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a367375f45781534bd709bbb2ac2ea_JaffaCakes118

Files

42a367375f45781534bd709bbb2ac2ea_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9efb2f55c27dc4c70a82cee08bebbbf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

RegCloseKey

gdi32

SetROP2

ole32

IsEqualGUID

oleaut32

LoadTypeLib

urlmon

URLDownloadToFileA

user32

GetDC

wininet

InternetOpenA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 66KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE