7d7eb3237c8b1d899cc2f332f0dd0267_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d7eb3237c8b1d899cc2f332f0dd0267_JaffaCakes118
Size

42KB
MD5

7d7eb3237c8b1d899cc2f332f0dd0267
SHA1

78b8f26dd304bafcec940318269933a0f8befd17
SHA256

d8567681d40aee736a42a28f451fa7d979b2f0c48064656ff545f3fd487bd0c4
SHA512

5f664adc25ddd2d1aa74fd4947108209758e1e53023eb08a0804e77bfed5da2c170ffce2aa4b0fc9c3b57ff6d8d93c346ffe7c4dfa6ffce9923d24fb93ea7607
SSDEEP

768:kNORz8rhCI/o8ZaXs9AkIL2POGYSLRjZKK2FWfFcr7DpXl:kNORorhIVX6AkqE7jZr2ENGXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d7eb3237c8b1d899cc2f332f0dd0267_JaffaCakes118

Files

7d7eb3237c8b1d899cc2f332f0dd0267_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

cc441d67683ac7697c7a1113eb184549

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

strrchr

user32

GetDC

comctl32

ord17

advapi32

FreeSid

gdi32

BitBlt

ole32

CoInitialize

oleaut32

LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 36KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE