2a228c2c5e077030d1f509e31df5e78d_JaffaCakes118 | Triage

Sharing

General

Target

2a228c2c5e077030d1f509e31df5e78d_JaffaCakes118
Size

122KB
MD5

2a228c2c5e077030d1f509e31df5e78d
SHA1

9feb2f6d11414d7c58d1638f4dff3c2011264771
SHA256

c180e6e9aac33a0c60c03852269d98a88c77873717ccba014b3dcb6e090e812a
SHA512

edc40dadd6d52e5b4b19aebfe3a17cf7be8e2537e3a7f7673939605ef461ada87ccaa7610876dfc5c5839470f118f0264a8162366bcf9fb4057306105ca80c04
SSDEEP

3072:oSYPZR6H/EBTXL2fXFBx/9U4i7OkZSokAv5/ix:ofR6fE5IXHxnjk5/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a228c2c5e077030d1f509e31df5e78d_JaffaCakes118

Files

2a228c2c5e077030d1f509e31df5e78d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f5cbe1f2892e527404bc580402775e60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

advapi32

FreeSid

oleaut32

SysFreeString

user32

CharNextA

version

VerQueryValueA

Exports

Exports

DLLCanUnloadNow
DLLGetClassObject
DLLRegisterServer
DLLUnregisterServer

Sections

.text
Size: 120KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE