2d99dd55e66b99c06cfa6059ef8e0f86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d99dd55e66b99c06cfa6059ef8e0f86_JaffaCakes118
Size

47KB
MD5

2d99dd55e66b99c06cfa6059ef8e0f86
SHA1

9e129061ddc8071e04b438c5c8dfb2b0617e14e6
SHA256

1c1fdb38bf3d2727b4bda2bbd52515943abdcbbfdacb07d4fe70a9262872a624
SHA512

c35d2d082c2aff81b887e61a7f94cad711fdfd4af517124439a0e873d7f9a2ab765e2e35506293ac54f65522999ea1bf6567e61f156f26d9c362385e151009d9
SSDEEP

768:o6qj9AiXntrYVQD+FpCu/Zl5kxAv6fg8lnbKt6TFNgtaFTuc3Jw8Vq55u:o6GAmnNAQDibnGTlnFNnScZ1wW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d99dd55e66b99c06cfa6059ef8e0f86_JaffaCakes118

Files

2d99dd55e66b99c06cfa6059ef8e0f86_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 37KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE