223dcfa0f4a883df6eca7d733e3910b2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

223dcfa0f4a883df6eca7d733e3910b2_JaffaCakes118
Size

79KB
MD5

223dcfa0f4a883df6eca7d733e3910b2
SHA1

ad16d458a7893808b6d70450efb7e54cee4b04ca
SHA256

1b9206bb034158c8986ee0f14faafafc20687e05576c81a42d0eefe780a482dd
SHA512

abbd1a0833db1352a15516fae21074742ee5e0d4bc1ee0b5035de36a2f9a21eab7c069b6d9344f6252821dfb1a88adf5b3781b288a8f63692b0774b4d567c2f2
SSDEEP

1536:nkpBiH2hIyKY6xRnYIicaCam9wt0D9NsmaiDLVxJr5n:0iH4IKYlfwyaiDBxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
223dcfa0f4a883df6eca7d733e3910b2_JaffaCakes118

Files

223dcfa0f4a883df6eca7d733e3910b2_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

4c9ddbbb4e239a7b6a40e9d149471caa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindNextVolumeMountPointA
SetFileApisToOEM
GetCompressedFileSizeA
FindAtomA
LoadLibraryExA
GetProcAddress
SetComputerNameExA
WritePrivateProfileStringA

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Longaco
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 76KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ