a647a5873264fd2ec1b42548ddce1d1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a647a5873264fd2ec1b42548ddce1d1b_JaffaCakes118
Size

33KB
MD5

a647a5873264fd2ec1b42548ddce1d1b
SHA1

ab09f9b02521824fa828d595093bdf61fc4357b4
SHA256

a3b609689e82863dc32598051fd157c9f2e8967181f39bb09539c033e12a62fa
SHA512

896e62cf33ca42791b43ee74e96b765780cfacd78be28a38f738c866f97af103aa8a958e0cd1a2bb959ae8c3eb820b039f2d4407f6642dead4d27a00f231c688
SSDEEP

384:RBhXW8g6RhVB5KYfiKIKVBmtB2VSocAOXXx6EVnYR0NliyWiQcbfS7vvxlLnDVtL:LFxgCKsiOVB4QoRHxEKPin8S7DHwtS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a647a5873264fd2ec1b42548ddce1d1b_JaffaCakes118

Files

a647a5873264fd2ec1b42548ddce1d1b_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

ac4b5d9bf0db1cd4dff3c1acbd11b5e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

atoi

gdi32

SelectObject

oleaut32

SysAllocStringLen

user32

GetDC

ole32

CoTaskMemFree

advapi32

RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 17KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE