285e5d33c269be7c7de839f76f3fecf7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

285e5d33c269be7c7de839f76f3fecf7_JaffaCakes118
Size

99KB
MD5

285e5d33c269be7c7de839f76f3fecf7
SHA1

5d65e8e093fd678568000cacb027930559e827b9
SHA256

9077cfbcd1795b0b08ac67b7c8f883361e270027a5820cb5ebbd9e5d50b6e087
SHA512

a201c4c1c4137d0b6bdc992d49452e96c15b4861a127ce7a3ad113ad62447b52b29d39afdde923499e4478bf4cae6e6d7df7ab5937520e8f6d4eef673f40dace
SSDEEP

1536:CWmOk/Bc9jLVulsSVbsf/+eoCGAZeWeR9EHrlK+CQRjSZVCju/u2Nk/8Dqd:CWpkZgjJua2yGADQe1v8bCIu2NkW8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
285e5d33c269be7c7de839f76f3fecf7_JaffaCakes118

Files

285e5d33c269be7c7de839f76f3fecf7_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2c2f0b430c193426f3873abce77f0c4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetNextVDMCommand
LoadLibraryExA
Heap32First
GetProcAddress
SetThreadPriorityBoost

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Mcponmc
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 96KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnon
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ