3bb50600476fef52e12c572908a092f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bb50600476fef52e12c572908a092f4_JaffaCakes118
Size

34KB
MD5

3bb50600476fef52e12c572908a092f4
SHA1

d1e00eb42b7bff76994ec0a28730f9c3f405507a
SHA256

5248d275cb825a4ae88b4bb0de3357e1d20958ca5b7d139685c6844c8c171a14
SHA512

f3e663304deffeee56e66110b5827f61847436c3cf6917e025bf4eb98bc3855b394cf52432a36ad45662dca293c2f69a01d399362496f7074847cc119ab4db5f
SSDEEP

768:R/hgOaASdiUVipvYkTdAUyp9ywzG1R0gYbXa8ymYT7DR7:R/hgcGVih8UM4wiH0gYWLmA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb50600476fef52e12c572908a092f4_JaffaCakes118

Files

3bb50600476fef52e12c572908a092f4_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3c93e17a7496e15742cc610f1092efcf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

wsock32

htons

advapi32

RegOpenKeyA

user32

CharNextA

ole32

CoCreateGuid

oleaut32

SysStringByteLen

mst120

T120_LoadApplet

nmas

CreateASObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.MPRESS1
Size: 28KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE