3198089b93c634368431a988107ca1ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3198089b93c634368431a988107ca1ce_JaffaCakes118
Size

772KB
MD5

3198089b93c634368431a988107ca1ce
SHA1

3870ae87ae779e2d37d0d7ea153e8bcd97b31ede
SHA256

b5f92a6ac162ad1329c7651f56e924c95252f286564f7d9b0262ef3a24dba8b0
SHA512

df53e318a99e21f207d8d67a64323c9936c4102f1e22057a38327ef44fd5850893d7808e743e718bea6ebd94562637b57cdb889764282ab833728cf8bf9b5dac
SSDEEP

24576:ph0QA+jIKeCtIWjLZ31TGOlsq4tSS1K4M1y:pOjejtVZvlsxtbK4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3198089b93c634368431a988107ca1ce_JaffaCakes118

Files

3198089b93c634368431a988107ca1ce_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 104KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gmnmljvr
Size: 648KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

whwoqfhu
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE