16d13fbffe44b6963bcfadb31dd271f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16d13fbffe44b6963bcfadb31dd271f4_JaffaCakes118
Size

738KB
MD5

16d13fbffe44b6963bcfadb31dd271f4
SHA1

906420932fbf86c1d17d732c19695795710b84f0
SHA256

059491b6d7130a51df15c633afeffea20b451dcaa82f7da593a09fe2659a9a9d
SHA512

7976ae94d8fa0eb076b73311ac084bf4818f735666fc57be724df6a374ebd87b8970fe4b1a335b5ca9334fa9c41d826774e032071925ed766b8fc3b641bf6c62
SSDEEP

12288:LFmocHwWiIlvHGA0ohMnkvTzNzj1gxcuwmixwGvlWlWdjpuMeKFCOV2:LGwWflr0oSnkvvp1gxcuHlGv0ENuMeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16d13fbffe44b6963bcfadb31dd271f4_JaffaCakes118

Files

16d13fbffe44b6963bcfadb31dd271f4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c2153053dac16dfda4acf12a50df55ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetProcAddress

advapi32

FreeSid

oleaut32

SysFreeString

user32

CharNextA

Exports

Exports

DLLCanUnloadNow
DLLGetClassObject
DLLRegisterServer
DLLUnregisterServer

Sections

.text
Size: 736KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE