1504da37adba68ccc22e3ca3a9ad4c46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1504da37adba68ccc22e3ca3a9ad4c46_JaffaCakes118
Size

380KB
MD5

1504da37adba68ccc22e3ca3a9ad4c46
SHA1

7aa30b45085fa9045a307b404fbf1c629c2b4e5d
SHA256

0a0c88517d608f1c5c901ded66db5538328821f359852bba5d45bc5c9200b6d6
SHA512

b80f99e924a097abf1815cfada247df0d52ab40aab19c068cb86795a6e9583939649fb905c4ac0fddab10f9a727f6c6ad2c5ed354840718bc40577bd84313059
SSDEEP

6144:+2sIJqFkT12Fux8D7Li4DG8ZxljvYQTBJO4ChbeWcVKn:haUu7Li4i8ZnYQTrXCZebVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1504da37adba68ccc22e3ca3a9ad4c46_JaffaCakes118

Files

1504da37adba68ccc22e3ca3a9ad4c46_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ