33332eb0f65a2b2e92d6b0637a088b75_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33332eb0f65a2b2e92d6b0637a088b75_JaffaCakes118
Size

936KB
MD5

33332eb0f65a2b2e92d6b0637a088b75
SHA1

1ca8505c56a333adf5cb516d9bee9becae6a04ad
SHA256

d8c2b4a9bc05dae7944cefa99a9eddfeddee8343d4ff6f3d40576fdb425b58dc
SHA512

5837e74a27666db8c041b8dcfbda3876b9b8b4e8cd3455ec6bb017fc1b6d1c2a1f5a2d6a653e13ba42917dbdc21faedb3cfe052d4a0c975be109ca4f87385dc6
SSDEEP

12288:3zduuZcMT8dUVBVzMPwZ2dleKYDkJqWSFv+FbMGs2T8oivYf8AJtQ8:RuuV0yBVzud9dEv+FbMG3TJivg80a8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33332eb0f65a2b2e92d6b0637a088b75_JaffaCakes118

Files

33332eb0f65a2b2e92d6b0637a088b75_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IAlloc
QueueMemory

Sections

.text
Size: 592KB - Virtual size: 589KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ