3014fb586ac8a0b8ca379041576953ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3014fb586ac8a0b8ca379041576953ee_JaffaCakes118
Size

419KB
MD5

3014fb586ac8a0b8ca379041576953ee
SHA1

36bd3bb641d651a8d76e51f59e8440f513807640
SHA256

260e9fa9cddef16dc1c257393f59b2dd7be0cead04e68308cb91f519ae2b255a
SHA512

1cf7cdf026c55ed8eab8dd85ac58c5479e4d5f9d7e49e1bbcfde29d079844de57ea7d854b6a1f8ecb699bb1dc7e90e1c41e5124ca4ed6394e65f221e6d7f01db
SSDEEP

12288:gYKGbHs53Is5absaSnckv6k1QGMTv7CNpNJfQTraCsox+jY7:gYKAbsbv6YQGMTvQvaTraGx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3014fb586ac8a0b8ca379041576953ee_JaffaCakes118

Files

3014fb586ac8a0b8ca379041576953ee_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ