32a4c41611a1e4eabd9ae1cd4c6f4c95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32a4c41611a1e4eabd9ae1cd4c6f4c95_JaffaCakes118
Size

801KB
MD5

32a4c41611a1e4eabd9ae1cd4c6f4c95
SHA1

8a384eb3e2b7845e44a607a314059a2512ee16ee
SHA256

451e63394358514cdcb56e81eaff478c2979c97bf1a944055a5fe932ccfa3e0f
SHA512

9dee0d330e47dc2fe69cc7cc0157556bb9d5fd553ba4271061cb05566344ad8da783e2caec2b62fecb839b0b70e8c7f70151b8df7e79768c94e390d0dcb97ffa
SSDEEP

12288:K0jHG8SY+I2D2gMXNUeiCYUjcVyQb5A2h5k7y+XYjU2TzFh6KG2HrhYGQR9:K0s3yVy4y3nPayaMUOzL19NQ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32a4c41611a1e4eabd9ae1cd4c6f4c95_JaffaCakes118

Files

32a4c41611a1e4eabd9ae1cd4c6f4c95_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

Size: 75KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kklcnfvm
Size: 718KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gpquqfal
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE