7815793123a771c5acdf4dc517dba2ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7815793123a771c5acdf4dc517dba2ed_JaffaCakes118
Size

86KB
MD5

7815793123a771c5acdf4dc517dba2ed
SHA1

e1d6b25b59681c42b383b24e1a1ac90ea3dddfac
SHA256

dd362ac0defdc9bd1b3ed47cccfb9d0b6f9810e02aa30177f362456084e8ee36
SHA512

4356f207c160b6bdb8ef41348fcecb374f23506a3e311d35fea6300c5eb1b2a9e9dd3125361bfbe9e1c2752a4c183175d4e63fbcf7d870ebd1f92c0326b78cef
SSDEEP

1536:fTNzmLtt+6vgy9ZYt3E5LzAxSmFf06XkO7Yxl9bdYiptboxKvfJT+CrFZhGEuDfa:fTNKLu6vgy92t3E+cmF86abCktUA5ThF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7815793123a771c5acdf4dc517dba2ed_JaffaCakes118

Files

7815793123a771c5acdf4dc517dba2ed_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

3cb749254eea0ed12f1452e715dc5bc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

gdi32

GetDeviceCaps

user32

GetDC

advapi32

RegCloseKey

ole32

CoTaskMemFree

oleaut32

SafeArrayUnaccessData

mpr

WNetGetConnectionW

shlwapi

PathGetCharTypeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 73KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE