9362628581f5126e652536fcaa853c03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9362628581f5126e652536fcaa853c03_JaffaCakes118
Size

48KB
MD5

9362628581f5126e652536fcaa853c03
SHA1

221f46ae35746e46aa6efee4f6fea76ce629c9b2
SHA256

e7dd6c0b687b5576b61851619e90487101f0c222313525a22d867199a9e4e5e0
SHA512

8f11f24137eb3050406d3270f64f70e6a3cf4da0fa4269ca7bd5e027d44e6d07dc879ff439f06d93356a1e8a5fabdce1790a590a81da34419ebf335dae4056c4
SSDEEP

768:Jcx92noCO+pbVkEUHO/z1F/jITaAzyzF1cL0vp5vdlDtsQb7Dh:uQ3eEUHO/PjI+CyB1z5vdnsQt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9362628581f5126e652536fcaa853c03_JaffaCakes118

Files

9362628581f5126e652536fcaa853c03_JaffaCakes118
.dll regsvr32 windows:6 windows x86 arch:x86

c98b8752490bac90b6f2112ae56af26a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

TraceEvent

user32

GetDC

gdi32

BitBlt

shlwapi

ord184

shell32

ord155

oleaut32

SysStringLen

ntdll

RtlCreateAcl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 42KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE