110d88121385d0288e0fe9f3e6a077f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

110d88121385d0288e0fe9f3e6a077f6_JaffaCakes118
Size

53KB
MD5

110d88121385d0288e0fe9f3e6a077f6
SHA1

173df2991b84118b1440e40a653f52929e76d901
SHA256

a7b8fb3e1883c9133734ec1475eab395831846f6a0a1db3edfd26d80652d5fe7
SHA512

730719faa6e820cddd55d2d9018fa9e2ccbd3ce93248e371fc0c96adb530a35a938aa78c18d3bfe237ffbbf3886d59f90064565399dc2d140ba2b66b307f6f4b
SSDEEP

768:IBTcux3k/0p9antYKBg27ynKT7L6nMGcrwWO8lep0MbsgBH9yJdsJVHPhJJvD7DH:0YEU8pg2l27PT7EFWO8C0x6HvHZTz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
110d88121385d0288e0fe9f3e6a077f6_JaffaCakes118

Files

110d88121385d0288e0fe9f3e6a077f6_JaffaCakes118
.dll windows:10 windows x86 arch:x86

71f085903f53b56d1c15d6210ce1f763

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

RegCloseKey

ole32

CoCreateGuid

oleaut32

SysFreeString

user32

LoadCursorW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.MPRESS1
Size: 47KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE