241c63e9b6662cf708b9e79246a86cfb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

241c63e9b6662cf708b9e79246a86cfb_JaffaCakes118
Size

33KB
MD5

241c63e9b6662cf708b9e79246a86cfb
SHA1

f79c2ecb5f5341feec60adfdc7a8db6e3894b204
SHA256

e9cf313ba198d693ef99d3871a609705946fe6e338edfd372b97094451207713
SHA512

5eaf45badeee0b4c8803fe586e6e8b76da2f7ab28685c1225f7971210cccce18e13ac216e14098f42ef972a56bf1d9b4d79e92f88467f5b944396a3de234fe77
SSDEEP

768:aW4GB2lIPNCGuVyco3m7VectBaAH41XN8eC82XlRwa7Dz1:a86yOND/Y1XeeCPlSs1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
241c63e9b6662cf708b9e79246a86cfb_JaffaCakes118

Files

241c63e9b6662cf708b9e79246a86cfb_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

afc4d595b7df49aaecddb140a830785d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

RegEnumKeyA

ole32

CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 27KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE