ad21bb5f60ed1339a1172b3abd7be9d9_JaffaCakes118 | Triage

Sharing

General

Target

ad21bb5f60ed1339a1172b3abd7be9d9_JaffaCakes118
Size

68KB
MD5

ad21bb5f60ed1339a1172b3abd7be9d9
SHA1

e99218adbcc71b49bc8e5e9907e2ec902051e0e7
SHA256

d61a650e9cb1c154d99812d15ef90cd826422d1f63a5246db68b4186d5aa9c0c
SHA512

6b99ed8be56d144af309c9c0b68610a3955be045bf1a33f163b816cd07dcb49b71edb8c0da50ae088da8e58de0b88c82b60bf979709045092ee0874871fc9baf
SSDEEP

768:/WbXRk+92Yn1u0w7QwUWt0JUmJ2pvCujPpymNJ+i3Bf1nGX1rUwfsbZmXQj2Yvbl:/9s80gNt0JUmJVujvRNuFE3j1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad21bb5f60ed1339a1172b3abd7be9d9_JaffaCakes118

Files

ad21bb5f60ed1339a1172b3abd7be9d9_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

4b1921ad8d82d51383a1012a9170e85c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

ole32

CoTaskMemFree

oleaut32

RegisterTypeLi

user32

CharNextA

msvcrt

free

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 51KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE