3458223bd916b125a8460e5a49eb234a_JaffaCakes118 | Triage

Sharing

General

Target

3458223bd916b125a8460e5a49eb234a_JaffaCakes118
Size

99KB
MD5

3458223bd916b125a8460e5a49eb234a
SHA1

754e509911db5b05578ee49eb0455ae4beffe584
SHA256

715d6383843ae6f79952a418c01b5e5f5aef2961449a6484226c422cf3251f87
SHA512

54dac55778b4284ea65da7ce2d59319348aa8014846d410ca802f231353db248ca9ca68dfe9eb01a4c61955aa8d9651b5fa29f90475d457f0c8fcb43847e1631
SSDEEP

1536:KWYfhR667NNLj6OgGyGuPnTkPDZqvqBZJD60D/m5346VNolPu+l0gdX:IZ77lgz/7kP9E8ZJJ446/yWI02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3458223bd916b125a8460e5a49eb234a_JaffaCakes118

Files

3458223bd916b125a8460e5a49eb234a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

9459bf44186d9177240ab23fa944c1ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryExA
GetCompressedFileSizeA
GlobalUnWire

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Mmcolmm
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.none
Size: 96KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.none2
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnon
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ