aecbd4a9c77188c5691c185693ecaf77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aecbd4a9c77188c5691c185693ecaf77_JaffaCakes118
Size

38KB
MD5

aecbd4a9c77188c5691c185693ecaf77
SHA1

7717148cde73c95a002e1cccf24cd39fe3fe9663
SHA256

5dbbdd6c2bee16052231eb9b06f6d96dd757e8209b0310f4fa55fafe4a1bb647
SHA512

0c62d8ce23d21a614c6d85b5941d68030477d29b93160e4d7001a48ae4aaf1306b8bf2a8f1984f793e601f0f30e15a45b4a9c1c64ac2ece7edbafb942d2a38b5
SSDEEP

768:XcC7Z+hP/EaEtRFXk0jsrvsefICqIzPkodhhLKjke7D:XcJhJEHdkiSvYIzDxLKj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aecbd4a9c77188c5691c185693ecaf77_JaffaCakes118

Files

aecbd4a9c77188c5691c185693ecaf77_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1d5a28dd6b51bbde1a7e7b248d0dbedd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

OleDraw

oleaut32

SysAllocString

advapi32

RegCloseKey

shlwapi

UrlGetPartW

gdi32

DeleteDC

user32

GetDC

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.MPRESS1
Size: 34KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE