1c793996c7faec570d2defda0b8f470a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c793996c7faec570d2defda0b8f470a_JaffaCakes118
Size

101KB
MD5

1c793996c7faec570d2defda0b8f470a
SHA1

1d5dff382921ef4eb001c16c623dbd441150664e
SHA256

9a4499e86ac3c18fcbe8dd816abee388c19df18c0b661bea81027e5dd12b92fd
SHA512

9a2b97731c242a95bce82c35f2ee259b2f0de743d703d764d1b54eb9cfc542ce7565eeb53f7f6f5b05c40a6e2e68b86df55bfd51e66917f128e2f8f4bb85aacc
SSDEEP

1536:UQbpByQynWvdNTDVHXvTCb69ioRzh4h15dg7PURQUvdT45A:UMpByDadNTtXbpdR9admC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c793996c7faec570d2defda0b8f470a_JaffaCakes118

Files

1c793996c7faec570d2defda0b8f470a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7752f039cc35c42248b55fb6d64f3edc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FillConsoleOutputCharacterW
LoadLibraryExA
lstrcmpi
GetProcAddress
ReadDirectoryChangesW
BuildCommDCBAndTimeoutsA

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Ingjjgl
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 98KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ