4388aa40f356be8fd0c92589fb5d9e7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4388aa40f356be8fd0c92589fb5d9e7a_JaffaCakes118
Size

55KB
MD5

4388aa40f356be8fd0c92589fb5d9e7a
SHA1

c181d07995ef111a36ab50128329aa40675278f4
SHA256

763865daad92b9779761068c75aadb773d6f4ad8b1f490acbb9791b53a6332b9
SHA512

4b80e3489bdbb7e913002d7d0403c51b3ae46fb3a73b25afc0e8dd8a81d671df89f82233b32bf9236abcfb7cbe4d0ac520abada7b349ac0918dad975bc1d31e8
SSDEEP

768:kBIIXTQ2rsfLUkmSl+N8R0H/paf30u9Nce2WEumqvGieYs78scw0UxI:rIXsSszUtm+8R0HC0uHcnvudoz0yI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4388aa40f356be8fd0c92589fb5d9e7a_JaffaCakes118

Files

4388aa40f356be8fd0c92589fb5d9e7a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7553eacac4bd3969b546e50e76393a8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

gdi32

GetTextCharsetInfo

advapi32

CloseServiceHandle

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE