8e7a85cccd04546c641ba9ae93a2a862_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e7a85cccd04546c641ba9ae93a2a862_JaffaCakes118
Size

27KB
MD5

8e7a85cccd04546c641ba9ae93a2a862
SHA1

ca3f6953ca238e9af3bb1ab5070d4e1dbe0d0214
SHA256

4eb4030945cfbc4f28443fca6388571cd49a6a04aaad810fe06c03204a876e2c
SHA512

2bbbc77cca4fcb2c6d8470a7bfc4bad34a49373e4d4ccfe5b3419951f8a971b944455fddadba2e9da791a28c98f4c3945c3cd75fa75a56f5015e736fb0b0689a
SSDEEP

384:3MazjIWVz/UHuHxu2VoI3EMa/NIfphy5sVxtGrwMoyDTQlZUS7vvxlLhceWHLuSc:3MazBVz/UHD3MJUsHtGcdIIKS7DsK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e7a85cccd04546c641ba9ae93a2a862_JaffaCakes118

Files

8e7a85cccd04546c641ba9ae93a2a862_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ca586e6f41b012d1469c3129aeb90a12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcr80

free

shlwapi

PathFindFileNameW

ole32

CoGetMalloc

user32

SetRect

gdi32

DeleteDC

oleaut32

LoadTypeLibEx

advapi32

RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.MPRESS1
Size: 18KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE