3301776122048bad1a6a832ea4919147_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3301776122048bad1a6a832ea4919147_JaffaCakes118
Size

98KB
MD5

3301776122048bad1a6a832ea4919147
SHA1

833ccdfa7ef6f83a43c3a27f69a40b3cb309ca2a
SHA256

a68eb2bcf44f6d949ffc49c6db92c11f1489e5c2d3d418a8451b6c91c3c1a9ce
SHA512

724395835eae58b12f1579d89a18b62cb2f0f8477f09609a134a36da2339d271340b7cf52874306df7685cb1a09b11e0b15e3e0986a339d980aa40806dc3200b
SSDEEP

1536:l0M+nDS4K2xiHDvYbJdQFXvZgIiP4pV1W41Ha3vclYcux5y537HCi:XKu4K2xoEMFXv+I1W4Va3vcBuC+i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3301776122048bad1a6a832ea4919147_JaffaCakes118

Files

3301776122048bad1a6a832ea4919147_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

1cacf02fa5a7a0b42f324ad8a717732f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Process32NextW
GetProcAddress
LoadLibraryExA
WriteConsoleOutputAttribute
Module32NextW
GetHandleInformation

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Hpcpmhp
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 96KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE