34576c4dcf4f863c1414d560f3b971a8_JaffaCakes118 | Triage

Sharing

General

Target

34576c4dcf4f863c1414d560f3b971a8_JaffaCakes118
Size

32KB
MD5

34576c4dcf4f863c1414d560f3b971a8
SHA1

a02d8779c8aed2e57351e864125825c0109e7c73
SHA256

94a45db2de96ccd01bca8ccee38fc8e69e022824ac67ca9d205ef6d4af99c15f
SHA512

d3a513f15b7393f67953a48fefe48366c22a370f9008cb17449714277518b3b00dd3b95c4e08d856e2179da4d2f393b854351f9ff541ab9380b3368e6647d3ef
SSDEEP

192:25+BuGgLWXFo3LltCr0dQy6knvBm5+vQA8BmJjjw3GAdTXILDO+eiIRI:24wDLWXFmtCrEQymcYY3w3GAdTXk5IR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34576c4dcf4f863c1414d560f3b971a8_JaffaCakes118

Files

34576c4dcf4f863c1414d560f3b971a8_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d293ce4ca038f1628393668945a931d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
lstrlenW
DebugBreak
GetVersionExA
HeapFree
DisableThreadLibraryCalls
GetSystemInfo
HeapAlloc
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection

user32

MessageBoxA

oleaut32

SysStringLen
LoadRegTypeLi
SysFreeString

atl

ord15
ord21
ord23
ord57
ord32
ord16
ord58
ord30
ord18

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ