1f875dc85a42fd80b93f25dab0b8cf7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f875dc85a42fd80b93f25dab0b8cf7b_JaffaCakes118
Size

94KB
MD5

1f875dc85a42fd80b93f25dab0b8cf7b
SHA1

c67f57016d2550e53100f75c70a9767414cf683a
SHA256

04f85ded93f67481ca381289fdacfbf4cc064c2b8b75fb91677fe4ef37c2e9e6
SHA512

be3b2cf1bbbc9c0a101261707738cc8886393a52ea372c37bf7ed0923d2e4719a4311b5fb3f765d2b587dca2183e7a4d203804620b80b6be73c5940c56e93621
SSDEEP

1536:dQgatqQtUFdrGr69M+dhgPe7SbKCt4YzAMuEHWUIy33ZyrPOWvaDDYgMwl+Wss9g:DatqQWdiyhueObKCt4i1uEHX5Anv6cTZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f875dc85a42fd80b93f25dab0b8cf7b_JaffaCakes118

Files

1f875dc85a42fd80b93f25dab0b8cf7b_JaffaCakes118
.dll regsvr32 windows:10 windows x86 arch:x86

b27f111f75bcd7dea35244715724b624

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

FreeSid

ole32

CoCreateGuid

oleaut32

SafeArrayDestroy

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 88KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE