45786f2bf7e4ae2e35eff311d2d6f32b_JaffaCakes118 | Triage

Sharing

General

Target

45786f2bf7e4ae2e35eff311d2d6f32b_JaffaCakes118
Size

135KB
MD5

45786f2bf7e4ae2e35eff311d2d6f32b
SHA1

32a4e2dd092960882d442f1cfe21294ee2f7e55f
SHA256

5707666b30578201f97c71546f58ec30793c3ff34ad725dd11191688c92004bb
SHA512

b39803378e8aba8f1f5e653172e0525e2f0ab5747b40ee6716fea6814009e2e0637d8e2a6e32c1a51d68006b28216d7cf293ef9bd77ec20c6de8ac40c2f9ea84
SSDEEP

3072:4wJ8mMSo+O21s85kM5tsHsFY141CRTzZRNCxVpz7vx:4K8iZXswEHNuChpsz75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45786f2bf7e4ae2e35eff311d2d6f32b_JaffaCakes118

Files

45786f2bf7e4ae2e35eff311d2d6f32b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

cc57de27c39c384bfcfa14d98c1bbf0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

advapi32

OpenSCManagerA

shell32

SHGetFileInfoA

ole32

StringFromGUID2

oleaut32

SysFreeString

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE