2f72efb54b76605a897e981952a9eba0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f72efb54b76605a897e981952a9eba0_JaffaCakes118
Size

102KB
MD5

2f72efb54b76605a897e981952a9eba0
SHA1

b3cf68e83d3dbc6ee5bee61f524fa4452c5abcf7
SHA256

9404f574164fcad0ce5e5e2fb12c1b455d94cc22ed37ba99b3d12ea43a0d22e5
SHA512

b64f0cf8e7f08b1a10929b79a255619b9b47d70422a8c3f9ff885fd571701ee7e16c4dccf9bbe3ec82ae7e2f1f1d838946ae7827f06b091dab64e363362b1177
SSDEEP

3072:Hi0slPbHa/D70sytpck95FMuD+OwxDqyalTlv:C06bq7y7523D5alTl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f72efb54b76605a897e981952a9eba0_JaffaCakes118

Files

2f72efb54b76605a897e981952a9eba0_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

c3e3470d28f424f0d963220da378cf34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
IsBadCodePtr
GetProcAddress
HeapLock
SetConsoleScreenBufferSize

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Oblghgd
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 99KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ