71d7356eecc293e8e6b98524689a8da9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71d7356eecc293e8e6b98524689a8da9_JaffaCakes118
Size

12KB
MD5

71d7356eecc293e8e6b98524689a8da9
SHA1

47ebe702519f0e0f8930189e64b681d745dd7664
SHA256

84d55bd2c9a4e6e73b387b55ca184bab0232c4addead9a46edecb9f5918cfdd5
SHA512

ad325439632058bf9714307c34e38a291a0d8a8c277efa1d5957883beb8c23b6c8da00e9be1693e74975c44d372c1e5a32ddd2f44e63c89ca3eea181d2139a7f
SSDEEP

192:zYiUROkd8I2QmTY8Pu67GmWx0I1C1edlZV0vVBUjLAnrYp5WuvF1W:0JRkjTq/PVd3V2BUjyrYp5WuvF1W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d7356eecc293e8e6b98524689a8da9_JaffaCakes118

Files

71d7356eecc293e8e6b98524689a8da9_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

af40f96a432973b4b2fe09174f0688b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

AllowSetForegroundWindow

oleaut32

SysFreeString

rpcrt4

NdrOleFree

ole32

HWND_UserSize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.MPRESS1
Size: 8KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE