6073e74a894566ba2e9c0372cf2affbf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6073e74a894566ba2e9c0372cf2affbf_JaffaCakes118
Size

97KB
MD5

6073e74a894566ba2e9c0372cf2affbf
SHA1

7386f97631a22ab32deefaf3fde6c9b87b4cc420
SHA256

7c3ba61ff139460cdeb4662b74dd49d5cd51e6e70312ab2b43988b635d9b5a6b
SHA512

d2eb1e77c1fe4216c2ba9f1559093619aa5d509cfc1531ab3da065daff66ae0c2f425cb3dc64f9a7fdee5a04172d9ca692fbc2feb3efa5fcbebfbb7fa4ae4e38
SSDEEP

1536:U54ut5J4WAPp6EaQXkPBKXohSqXhUg7J/yk8q3hbLeoUNasT60p:1c5J4ZpFaQ0PZhFXSg78k8q35eo+TRp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6073e74a894566ba2e9c0372cf2affbf_JaffaCakes118

Files

6073e74a894566ba2e9c0372cf2affbf_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

f6dec32cdc21ef7d85fe8d33e18805cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

gdi32

LineTo

user32

GetDC

advapi32

IsValidSid

ole32

CoInitialize

oleaut32

LoadRegTypeLi

comctl32

ord17

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 90KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE