395d417848d868cf9bac2a58fbce5659_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

395d417848d868cf9bac2a58fbce5659_JaffaCakes118
Size

102KB
MD5

395d417848d868cf9bac2a58fbce5659
SHA1

ed5f23b80a450fea0c30ff2a5fef17e79b95ca62
SHA256

2b240809d78623a024845f82be2c45d127deb80fd6932eb639f5c811524656b8
SHA512

85c85d8e7faff03d6e3442a262a912a3f01bdb928b118c7c063d39ad74fea5ac01eb33b84c5d3282b286696c34aa3f996299dd03a57d0198e640113018c778a7
SSDEEP

1536:fY0CmCuFaTe5CO8UPOj/psUJjqvKsJPIuFdgxAXl6Dx5nE6ZPHZz2z8l:Anmbh5CqcsUt8KEI0dia61RlB2z8l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
395d417848d868cf9bac2a58fbce5659_JaffaCakes118

Files

395d417848d868cf9bac2a58fbce5659_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

f9f4506801fa3719d7d1fe34aa2118f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
GlobalGetAtomNameW
GetConsoleKeyboardLayoutNameA
GetProcAddress
SetCalendarInfoW
GetConsoleInputExeNameW
Heap32ListNext

advapi32

FreeSid

oleaut32

SysFreeString

user32

wvsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Macpklk
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

.text
Size: 98KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ