3b40916489b8c0afd1fa72abc56226fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b40916489b8c0afd1fa72abc56226fa_JaffaCakes118
Size

24KB
MD5

3b40916489b8c0afd1fa72abc56226fa
SHA1

0ac2cedbdff016f866e15adcc2622264e655c204
SHA256

bb3d22a454217b1592494f85e2f476dca768f5044f72fe2e25073b763ccf78e6
SHA512

09b1da493b2dd316019ef467c22edb5e3fe061bc8f4f10453f9412449dcb9bcc1d42a66f401d82f3f065db89c8877f8a1c3c00f16841c73a6e2a7657b839c325
SSDEEP

384:0mg1wleDLhWtM6/vxr4fc+6Pl2OsFK/yjFg9Nr8uTHrtMIDgwBgtAkXqlqX7vvxC:0mgKttMiZJ+642SuLSIU/3XoqX7D4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b40916489b8c0afd1fa72abc56226fa_JaffaCakes118

Files

3b40916489b8c0afd1fa72abc56226fa_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

19165816f50a972df055ca7ac574ad3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

ceil

msdart

MpHeapFree

advapi32

RegCloseKey

ole32

CoTaskMemFree

oleaut32

SafeArrayLock

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 18KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE