93b7e407af9b65d09a1d7fd960c0a53b_JaffaCakes118 | Triage

Sharing

General

Target

93b7e407af9b65d09a1d7fd960c0a53b_JaffaCakes118
Size

140KB
MD5

93b7e407af9b65d09a1d7fd960c0a53b
SHA1

f775f43f2dc3f6aefbe5600bc74ff7aaed0d06f4
SHA256

ca502057fc2043ce1bc070ba6b1cead0b9adcb261d6067bb64f0c5da4faac45b
SHA512

057d6fcdb0405bc8a512db0eca545ad93966991b3c07a98e19c7e02e8135fa22ef9c3ae8f2664d9d0f1d376392f084e48708d88148a3448d797867c659344144
SSDEEP

3072:J2JIoxI1nL20dJGmO+85B/aFhtsTqeJgVcObB4vSU/yjB0nsq:doxqnLlWo8G3tyq0AV4aYyjBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93b7e407af9b65d09a1d7fd960c0a53b_JaffaCakes118

Files

93b7e407af9b65d09a1d7fd960c0a53b_JaffaCakes118
.dll regsvr32 windows:10 windows x86 arch:x86

15700da31c9eb5caef8d6c6a2710f818

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

oleaut32

SysStringLen

comctl32

ord17

gdi32

LineTo

shell32

ShellExecuteW

user32

GetDC

advapi32

IsValidSid

ole32

CoInitialize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 133KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE