4482725b8c501b0cd235176328fc3bf9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4482725b8c501b0cd235176328fc3bf9_JaffaCakes118
Size

791KB
MD5

4482725b8c501b0cd235176328fc3bf9
SHA1

96693cbaefd8c1dd2fca106c73358873dc03e5cb
SHA256

4f28ee97ae71469f1116318693070168413fad708fc1d0870ba841d4a13ef4e1
SHA512

905b290fbb65d3637c9c5070546a7c565dbcbe14423974b09b768d79971d48cfcde7cbb0394948e7e49f9b3d1608de485624280dac7aba382b0ece62d1fa9f18
SSDEEP

24576:3RpNJjMUxuU0QloDzxgeF732uORLqwZ6M71SFuZh:3RpNp5xeQ6xgcLo9YM71Mu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4482725b8c501b0cd235176328fc3bf9_JaffaCakes118

Files

4482725b8c501b0cd235176328fc3bf9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
Pmlpmlp

Sections

Size: 75KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 888KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xgiudnta
Size: 709KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tpgkmmgg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE