86f833d5814f3c6e53310db63ac9bb50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86f833d5814f3c6e53310db63ac9bb50_JaffaCakes118
Size

354KB
MD5

86f833d5814f3c6e53310db63ac9bb50
SHA1

0916c4f4ea247128718d60d4e5dab07769d1db8d
SHA256

6609ae9f60487e84f306f98bd869f4d44428bf68dcc04e8211754827e0b3f65f
SHA512

f1b7380219fd9253fd920ce9dd72249ba93d99f3e3a670ab0e04c8986aa16f339f912f2a0d6089a4d8c01ee14507ea1f602e1511c7eccae0ae13532df816e859
SSDEEP

6144:+7Mdxn+D3xl62GNlGsV/wm516rcdEIPFdXyPQ2+euQVhFiogCVAvk:/3+z94lGDm516rP2oA2fKCVA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86f833d5814f3c6e53310db63ac9bb50_JaffaCakes118

Files

86f833d5814f3c6e53310db63ac9bb50_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

067fef1649160f64bbdfafac219c7b54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msdmo

DMORegister

oleaut32

SysAllocString

advapi32

RegOpenKeyA

msvcrt

_iob

ole32

CoTaskMemFree

shlwapi

SHDeleteKeyA

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 349KB - Virtual size: 948KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE