0209e6f0c11443ed927ebe015d0d6ae0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0209e6f0c11443ed927ebe015d0d6ae0_JaffaCakes118
Size

37KB
MD5

0209e6f0c11443ed927ebe015d0d6ae0
SHA1

d0fdeab0b8dd7d163cab51a2c02ffb2187ac61e7
SHA256

6160711cf329dec46f97c03fe6f6a37ba43afa7a67d67a2d75df2c46dd52d443
SHA512

694283761f1d923946596f33e83480e0125f4e492e267ffb4693f3d5050c349ca5c173531d9ef2bfa30b6a0e44300d45b53c7a88f7854bac2c954785db4ce710
SSDEEP

768:9ij+lZuixTBobL79EnEkk86dPpkwpyAkegTMUe7D:02OrqEX86dPuwB+o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0209e6f0c11443ed927ebe015d0d6ae0_JaffaCakes118

Files

0209e6f0c11443ed927ebe015d0d6ae0_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

5fc08d44cf9cb7f4cbd2c3b6de29f8bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoGetMalloc

msvcrt

free

ntdll

ZwClose

advapi32

RegCloseKey

Exports

Exports

DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 31KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE