7c8eebb2615fff1565184edb69ebee4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c8eebb2615fff1565184edb69ebee4c_JaffaCakes118
Size

57KB
MD5

7c8eebb2615fff1565184edb69ebee4c
SHA1

29ee6c240841a32e52f7dcde59cbfafe9fa610fc
SHA256

71cfb4999f1ceaa589529020a55fc9b2d4eafc26728cc1292e7c07322d734c75
SHA512

8cf2a8d03c522f8dc56a6aefc82f2ae20e59fedc0d71b60fc0e56ea28636308b16cdc11f931c0d242f6c55f9fe9af24f83bf204f310f11bf2d6990a663387b0a
SSDEEP

1536:DkOAcVTt7kiYvAERV9fWczUqt37hCW1jJr:DkObTd/YoERV91zV9CW1jJr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c8eebb2615fff1565184edb69ebee4c_JaffaCakes118

Files

7c8eebb2615fff1565184edb69ebee4c_JaffaCakes118
.dll regsvr32 windows:10 windows x86 arch:x86

81be6e85d4eb937b60def3ccc24375b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

user32

UnregisterClassA

ole32

CoCreateInstance

oleaut32

VariantInit

rpcrt4

UuidFromStringW

shlwapi

SHCreateStreamOnFileEx

tdh

TdhGetProperty

xmllite

CreateXmlReader

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 51KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE