a3e9a5dc198f2787ac9a7ce52f718413_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3e9a5dc198f2787ac9a7ce52f718413_JaffaCakes118
Size

40KB
MD5

a3e9a5dc198f2787ac9a7ce52f718413
SHA1

f2d82ffb9ca96d86bf9ea148e660922636f84685
SHA256

2ca09c026048ee3dc694338e6c442101e820863ad4c7e064c8249f7b22fec65b
SHA512

e95159c9f6a05b8717306d9130617c4b8cbcdd0c618a164f6352ee2f8d3a0d85819b64fee5d1e03a8391a74d750db6d9770297fe0427d9e2d0ab079a655256d7
SSDEEP

768:ifMUO8zBgeJVN5MzHY8AslNZgG9Ao6aK5/luGyvRTg1DIo7D4E:i/zFJxK7Ac+JludKIA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3e9a5dc198f2787ac9a7ce52f718413_JaffaCakes118

Files

a3e9a5dc198f2787ac9a7ce52f718413_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

e66280f24383f1b1c0a3ddea456d79eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

advapi32

RegCloseKey

ole32

CoTaskMemFree

oleaut32

SysFreeString

user32

CharPrevW

drmclien

ord5

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 32KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE