93b631c42068e6ecb58d9999cab3ff01_JaffaCakes118 | Triage

Sharing

General

Target

93b631c42068e6ecb58d9999cab3ff01_JaffaCakes118
Size

16KB
MD5

93b631c42068e6ecb58d9999cab3ff01
SHA1

4f8dd17bf1c5b5a8d77d4218f0b1f8569b3ccaec
SHA256

28464426110a469bed97ee155e507d7bbaf8da921fed8cfd537e5ad89fb07180
SHA512

2720980fba27ba66ff2815fa08cc71afe57d81d4a594a3dc1b5a2fc181af814c14c00d994251f69417ceeefb80e83a5c77e57421aa4148d73bbd04ce8683151c
SSDEEP

384:l7sLRcjB9XX4+o1nnfVH5iIIxlf7IWvtYguZ1HYp0WB:l7KujB9XI+oVnfVH5iPyi+gE1HK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93b631c42068e6ecb58d9999cab3ff01_JaffaCakes118

Files

93b631c42068e6ecb58d9999cab3ff01_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2583a96796bd354c2f71ea1923996604

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

_purecall

user32

wsprintfA

advapi32

RegCloseKey

ole32

CoInitialize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE