4941a9541df1c31eaea159686417636d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4941a9541df1c31eaea159686417636d_JaffaCakes118
Size

36KB
MD5

4941a9541df1c31eaea159686417636d
SHA1

429e0c277a28ed9ee2aea45ea0a22c41e5fa593d
SHA256

4893b37f0eabd1d03dd9227632c72e8f7a749ca7fd2d066b4d05e5683f138031
SHA512

973d81141db478a8a3ebbc3f740bd9e14e85075bbf225a7304639402adb59bf2d4c2adfe88dd731376405702f65ec5149f71ff3748a8d1e9a3c32ae87e299c22
SSDEEP

768:jB10GRn3nXJhvxPNSFR2X3OWoIT+RbmlIsR7+EmWBh7Dc:jjb9nJhvxPwR2XbT+RbmlI4+E/BS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4941a9541df1c31eaea159686417636d_JaffaCakes118

Files

4941a9541df1c31eaea159686417636d_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

c7afb3fed428b96d60f3b45ee69fd75b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

ntdll

DbgPrint

ole32

StringFromGUID2

user32

EndDialog

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
EapPeerFreeErrorMemory
EapPeerFreeMemory
EapPeerInvokeIdentityUI

Sections

.MPRESS1
Size: 30KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE