957eb33e914e548e2e8f916eb1b3db94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

957eb33e914e548e2e8f916eb1b3db94_JaffaCakes118
Size

69KB
MD5

957eb33e914e548e2e8f916eb1b3db94
SHA1

8c4e64699519eebb1e0571bfaa0a17a58161fae9
SHA256

3ed049b1bbc9c5cf1a200fbb21a51bc7b7e94cca2a7eeb047fd313b257fc2d24
SHA512

9d707ca40709146c38331eca86a2e07c41e2688a90960fc35afe5110fd244730a3d44091ded77873f3535b363f9a2b1e6a0a42edf698e5c2dc28d2902950becd
SSDEEP

1536:NabNkTcc5RijidUH7Uu0DAD32kfVcZHsJ4Bq:NgKTcc5RXd07dVD32kShBq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
957eb33e914e548e2e8f916eb1b3db94_JaffaCakes118

Files

957eb33e914e548e2e8f916eb1b3db94_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

3ad98212677843007fb698b1c6d398de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcr90

free

shell32

DragQueryFileW

oleaut32

SysAllocString

ole32

CoTaskMemFree

gdi32

BitBlt

advapi32

TraceEvent

user32

GetDC

mso

ord8708

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.MPRESS1
Size: 63KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE