198ff1ddcf8ae973bd3cf36cdc8609db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

198ff1ddcf8ae973bd3cf36cdc8609db_JaffaCakes118
Size

102KB
MD5

198ff1ddcf8ae973bd3cf36cdc8609db
SHA1

d504a52a1c65387e17cc34c2784bd78a4515060a
SHA256

ee895d0f4d9830ea519a5511fb4eaec8504ab04f5501dbb8b59d41531c62ba8a
SHA512

b3fce724946e088f4d13f9eec469dbc2b56ebde4cb16fc2a7f4ab7d38d5351c0aa7c755db7cb22bbc8e37059ae1b1ea6c6f3941eb10989d5865182e7c0d3666a
SSDEEP

1536:2HM/Jj/gZgfm2j8UrXJPHxgKN24slZna5DOE1XVaLLK8sB/etcIqnzWp+mD8mef7:2H+6omEps4w8xn1lPxe+IqnzWpvIf7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
198ff1ddcf8ae973bd3cf36cdc8609db_JaffaCakes118

Files

198ff1ddcf8ae973bd3cf36cdc8609db_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

ad26b22dffc6661baa7f461f597a733a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushInstructionCache
LoadLibraryExA
GetProcAddress
BuildCommDCBW
GetDiskFreeSpaceW
OpenFileMappingA
GetFileAttributesExW

advapi32

FreeSid

oleaut32

SysFreeString

user32

CharNextA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Cgmacpc
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 99KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ