f6d67c601677b7ee251c60aabc21fc77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6d67c601677b7ee251c60aabc21fc77_JaffaCakes118
Size

38KB
MD5

f6d67c601677b7ee251c60aabc21fc77
SHA1

da8d34a930acd4bd46f50e6e4156ee4707ae9154
SHA256

3509b488296bfbf6fff27bcda1732107e5245b7c49561e8ce27cb0418ff7f60f
SHA512

9a4e9dc38062547d7b623277d0b8862c1f9b6928719f21b57d0e4d75684d1fa70be1eebf0eb58c8268ea1b6265e05b1a4666139311932a285ee408e23ed6f7c6
SSDEEP

768:O9GBkGdsCsnnnnFcirgeEifEoqe8lrEFbyPboAQBigQraqeaPZ6GduHnnnnnnob/:4GFdslnnnn2iN5feeyPbcBdQraqeaPZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6d67c601677b7ee251c60aabc21fc77_JaffaCakes118

Files

f6d67c601677b7ee251c60aabc21fc77_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a543e780db983cc13b534cadac598376

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetModuleFileNameA

msvcrt

realloc
free
malloc
_initterm
_adjust_fdiv
_stricmp

Exports

Exports

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ